An OfficeExtend access point provides secure communications from a controller to an access point at a remote location, seamlessly extending the corporate WLAN over the Internet to an employee's residence. The user's experience at the home office is exactly the same as it would be at the corporate office. Datagram Transport Layer Security (DTLS) encryption between the access point and the controller ensures that all communications have the highest level of security.
Purposely designed for the teleworking environment, the Cisco Aironet 600 Series OfficeExtend Access point delivers full 802.11n speed with simultaneous 2.4 GHz and 5 GHz RF band support.
The following figure shows a typical OfficeExtend access point setup.
Cisco OEAPs are designed to work behind a router or other gateway device that is using network address translation (NAT). NAT allows a device, such as a router, to act as an agent between the Internet (public) and a personal network (private), enabling an entire group of computers to be represented by a single IP address. There is no limit to the number of Cisco OEAPs that you can deploy behind a NAT device. Roaming is not supported for the Cisco 600 OEAP model.
Currently, Cisco 1040, 1130, 1140, 2602I, 3502I, and 3600 series access points that are associated with a controller can be configured to operate as Cisco OEAPs. All the supported AP models with integrated antenna can be configured as OEAP.
Extends Borderless Network services and policies to the home-office teleworker.
Protects the corporate environment with industry-standard control and wireless access point (CAPWAP) support.
Simultaneously supports corporate and personal network activity with traffic segmentation.
Increases productivity and reduces cellular cost by extending voice to the home wirelessly or via a wired Ethernet port.
Reduces setup time with simplified IT provisioning.
Supported Controller Platforms
The 600 Series OfficeExtend Access Point is supported on the Cisco 5508 Series Controller, WISM-2, and Cisco 2500 Series Controllers and requires the controller software 220.127.116.11 release.
Currently, Cisco 1040, 1130, 1140, and 3502I series access points that are joined to a Cisco 5500 Series Controller can be configured to operate as OfficeExtend access points.
Benefits for the Teleworker
Zero-touch deployment at the home office speeds setup time and gets you working right away.
Simultaneous dual-band support helps avoid congestion caused by home devices.
Backward capability supports 802.11a/b/g devices as well as newly deployed 802.11n devices.
Video on OEAP 600
We hope the valuable insights from our Cisco Experts will help answer these recurring comments and questions we've encountered on Cisco Office Extend Access Point OEAP-600.
The Cisco 600 Series OfficeExtend Access Points (OEAPs) are designed for single AP deployments, therefore client roaming between Cisco 600 Series OEAPs is not supported. Disabling the 802.11a/n/ac or 802.11b/g/n on the controller may not disable these spectrums on the Cisco 600 Series OEAP because local SSID may be still working.
Your firewall must be configured to allow traffic from access points using CAPWAP. Make sure that UDP ports 5246 and 5247 are enabled and are not blocked by an intermediate device that could prevent an access point from joining the controller.
APs such as 3500, 3600, 1260, 2600, and 1040 that are converted to OEAP mode and mapped to locally switched WLAN forward the DHCP request to the local subnet on the AP connected switch. To avoid this condition, you must disable local switching and local authentication.
For Cisco 600 Series OEAP to associate with Cisco Virtual Wireless LAN Controller, follow these steps:
Configure the OEAP to associate with a physical controller that is using 7.5 or a later release and download the corresponding AP image.
Configure the OEAP so that the OEAP does not associate with the physical controller again; for example, you can implement an ACL in the network to block CAPWAP between the OEAP and the physical controller.
Configure the OEAP to associate with the Cisco Virtual Wireless LAN Controller.
You may download a copy of the presentation slides(PDF) from the attachment.
Fellow colleagues,Where can I find guidance on how to properly configure a single, dual-radio, AP so that the 5GHz is serving clients full time while the XOR radio acts as a full-time sensor? We are using a 3504 WLC and our APs are 2802i. If there is any ...
Dear All I have a case below: I have an ISE node. EAP certificate is expired so I renewal it and received the certificate from Zone which is using normal for other sites ( Europe, India, America..) But in Vietnam, we met the issue as the picture...
Hello everyone, I have a problem I need to solve with my WLC MAc filtering. I found ton of topics on how to block mac addresses on certain SSID on WLC however I didn't find even one that properly explains how to allow only few mac addresses to connec...
Hi everybody;I have the following question, i just installed and configured WLC controller with 7 AP's, the management interface have the ip address 192.168.10.90. i am able to ping the interface vlan 10 (internally is the management vlan) of switch 1 (19...
I understand that the Cisco WLC has the ability to bridge Bonjour services between subnets. We have an issue with Bonjour services where sometimes clients cannot Airplay to an Apple TV that is on the same subnet as the client (they cannot find the Ap...