Showing results for 
Search instead for 
Did you mean: 

2500 WLC, attach AP?



i was checking the documentation on the 2500 WLAN controller... it states "The Power over Ethernet (PoE) ports on the Cisco 2500 Series Wireless Controller will not support directly attached APs." ... if that is true, what are those PoE ports good for?????

i have a scenario with just two APs (for now) the 2500 would be perfect IF i could plug the APs directly into the WLC... any plans to support that? Or is just an error in the documentation?



49 Replies 49

Rob Huffman
Hall of Fame Community Legend Hall of Fame Community Legend
Hall of Fame Community Legend

Hi Michael,

We don't use any 2500 series WLC's so I can't test this for you,

but this doc does indicate a different scenario than the one you saw

Cisco 2500 Series Controller

The Cisco 2500 Series Wireless Controller works in conjunction with Cisco lightweight access points and the Cisco Wireless Control System (WCS) to provide system-wide wireless LAN functions. As a component of the Cisco Unified Wireless Network (CUWN), the Cisco 2500 Series controller provides real-time communication between a wireless access points and other devices to deliver centralized security policies, guest access, wireless intrusion prevention system (wIPS), context-aware (location), RF management, quality of services for mobility services such as voice and video, and OEAP support for the teleworker solution.

Cisco 2500 Series Wireless Controllers support up to 50 lightweight access points in increments of 5 and 25 access points with a minimum of 5 access points. The Cisco 2504 Wireless Controller comes with four 4 Giga bit Ethernet ports, two of which can provide power directly to Cisco lightweight access points.



Hi Michael, Rob,

Directly connected APs are not supported on the 2500 platform. Please see the 2500 deployment guide:

"The Power over Ethernet (PoE) ports on the Cisco 2500 Series Wireless Controller will not support directly attached APs."

Regarding the configuration guide link that you found Rob, this is a documentation error and I will submit a documentation bug to resolve it. In the bullet list below that section, we do see the correct statement:

• Does not support access points in direct connect mode

-Patrick Croak

Wireless TAC

Thanks for your answers guys!

i think the whole documentation needs some work... the getting started guide states


3 & 4 POE

GigE Power-over-Ethernet (POE) ports

The Gigabit POE ports are RJ-45 connector form-factor. They provide a  I2C communications channel between the PSE controller and host CPU TWSI  bus #1. This interface supports the proper voltage isolation as defined  by 802.3. The POE controller is configured to I2C address 0x40/41 (0100  000r/w).

The POE controller reset is driven from system reset. If software needs to reset the POE controller, it can do so over I2C.

Note Ports  3 and 4 are PoE only ports; do not connect access point devices to  these ports. The ports can be used for infra-switch connection using  multiple an AP-Manager or data interface.



anyway: is this "no directly attached APs" a temporary issue and will be enabled later on? If yes, when can we expect this?

If not i don't see the point of the PoE ports...  and i don't really know how to tell the customer "yeah, the controller has PoE ports but you cannot use them and you still need to buy a PoE switch, even if you just connect two APs"...


Hi, after reading this discussion and some other, Im still not clear with setup for directly connected APs.

I have one 2504 v8 WLC and two AP series 2700. Also I need to configure multicast for Apple and Chromecast.

In attachment you can see my plan to implement configuration.

Does any one have some better idea or some advice?



In regards to direct attach not working: I have a 2504 WLC with 3 3502 APs direct attached each to untagged interfaces, and the CAPWAP tunnel gets established without problems.  It's been running with stability for some time.  What specifically is unsupported about this configuration, or won't work?  If the APs have a CAPWAP tunnel to the WLC, isn't that's all that is required for the APs to have full functionality?

Confused...  Seems to work well enough.

It's just not supported by TAC. Yes it will work if you want the AP's on the same subnet as the management... Just not supported.


Scott Fella

Sent from my iPhone

*** Please rate helpful posts ***

Basically, we did not formally test all scenarios with directly connected APs, and as such we cannot state that it is fully supported. It may work just fine as it is in your case, although there are some limitations (for example, I don't believe you can ping or telnet/ssh to the APs in this configuration).


Thank you for the response, this makes sense.  You are correct regarding telnet/ssh, I have to use console access to manage the APs directly.  However, once configured enough to establish a CAPWAP tunnel, there appears to be little other reason to need direct management outside of what the WLC provides.

My main worry was that multicast wouldn't work or something more functionally relavant.  I currently don't have enough ports on the 3650X-24T-L running this office to connect the APs to it so this is temporary until I can get a 48-porter.  Multicast isn't working right now as I wait for the L-to-S (L2 to L3) license upgrade for the current switch to go through, which is what I was most worried about.  Everyone wants Apple Bounjour = Airplay and printer discovery.  As far as I can tell, multicast should work with wired while the APs are direct-attached as soon as I get the switch upgraded to L3.

Anyway, a little background, thanks for the information.

Now that you mention it, unfortunately I think multicast is one functional feature that does not work with directly connected APs. The 2500 uses Multicast > Multicast replication mode, meaning a multicast packet received is then sent via multicast to the APs (which are joined to the WLC multicast IP address configured). Directly connected APs may not properly join this multicast group, so they do not receive the traffic.

It's possible that your switch software is also related, but you might hit a limitation with this deployment model on the WLC.


I did further testing after performing the L3 license upgrade on the office switch, and I was required to have to the APs attached to the L3-enabled switch with 'ip multicast-routing distributed' set in order to get multicast and the Apple Bonjuor protocol to work.


i just tested with 3502 APs directly attached to (and powered by) the 2504.

Bonjour and more specific AirPrint, AirPlay and Timemachine work fine.


Were you testing between devices on your wired and wireless networks, or just on the wireless?  How were your interfaces configured?


Printer, AppleTV and iPod/iPhone/iPad on wireless (on different APs and frequencies), TimeMachine on wired network.

i did not configure the interfaces at all, i just pluuged the APs into the POE ports... just port 1 is configured for management.



Cozza Ent: Yes basically, do you could have like managemnt, and assign interfaces with and to ports 3 & 4.

Release 7.4.x of the WLC image officially notes support for AP directly connected but only in Local-mode.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Recognize Your Peers