cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1514
Views
10
Helpful
5
Replies

about the authentication at branch offices

khang2711
Beginner
Beginner


Dear anyone,

In my network:

- at HO: 2 x WLC 5500 and 20AP, ACS, AD

- at branches: 5 AP at each branch

I configure the H-Reap. Now, I have some question about Cisco wireless:

1. Only 1 Wan link between HO and branches, How I should configure when the WAN link down, all AP at branches still works, users still connect?

2. Based my network architecture, I should authentication central at HO or authentication at HO and branches? AP at branches supports local authentication or not? If we want to authenticate on AD at branches, how can I configure?

3. I also want IT at branches have managed AP at their branches. When branch has visitor, IT at branch create temporary key and provide to visitor. at branch, how can I do that?

Thanks,





Sent from Cisco Technical Support iPad App

1 Accepted Solution

Accepted Solutions

maldehne
Cisco Employee
Cisco Employee

1 ) If the APs are in HREAP mode and WAN link is down, depending on your security the AP might be able to maintain

the currently connected clients and accept new association.

2) depends on what security measures do you want to have and how robust your link between branches and the HO.

3)with HREAP APs everything is done from the controller.

Please study the following links:

http://www.cisco.com/en/US/partner/products/ps10315/products_tech_note09186a0080736123.shtml

http://www.cisco.com/en/US/partner/tech/tk722/tk809/technologies_tech_note09186a008081103d.shtml

http://www.cisco.com/en/US/partner/docs/wireless/controller/7.2/configuration/guide/cg_flexconnect.html

http://www.cisco.com/en/US/partner/products/ps10315/products_tech_note09186a0080b3690b.shtml

------------------------------------------------------------------------------------------------------------

Please make sure to rate correct answers

View solution in original post

5 Replies 5

maldehne
Cisco Employee
Cisco Employee

1 ) If the APs are in HREAP mode and WAN link is down, depending on your security the AP might be able to maintain

the currently connected clients and accept new association.

2) depends on what security measures do you want to have and how robust your link between branches and the HO.

3)with HREAP APs everything is done from the controller.

Please study the following links:

http://www.cisco.com/en/US/partner/products/ps10315/products_tech_note09186a0080736123.shtml

http://www.cisco.com/en/US/partner/tech/tk722/tk809/technologies_tech_note09186a008081103d.shtml

http://www.cisco.com/en/US/partner/docs/wireless/controller/7.2/configuration/guide/cg_flexconnect.html

http://www.cisco.com/en/US/partner/products/ps10315/products_tech_note09186a0080b3690b.shtml

------------------------------------------------------------------------------------------------------------

Please make sure to rate correct answers

Thank you very much.

In WLC, I configure SSID for each AP.

For example: I have SSID 1, SSID 2, SSIDn; I only want AP 1 for SSID 1 and AP 2 for SSID2. Can I do that?

Best Regards,

Duy Khang

Dear anyone,

I can configure the authentication for HO and branches at WLC at HO. If the WAN link down, all AP at branches will authenticate local at Local AP at Branches? That is rights? AP will support how many local authentication?

Thank you very much.

check the links you will find the types listed

yes , you can use AP groups

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: