Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
964
Views
10
Helpful
3
Replies

AireOS two AP management interfaces on two ports

Go to solution
mareksumny
Level 1
Level 1

‎12-03-2020 11:50 AM - edited ‎07-05-2021 12:51 PM

Hello,

Is it possible to have on WLC 5520 (AireOS) 2 different AP management interfaces on 2 different ports? 

One port will be dedicated as an AP termination for DMZ APs first one AP management interface and the second interface assigned to the second port will be dedicated as an AP management interface for APs in LAN. for WLC management I can use interface on LAN interface.

Both of the interfaces should be routed so APs will be sitting on VLAN from a different subnet.

 

Thanks for the answer

regards,

Marek

 

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Scott Fella
Hall of Fame
Hall of Fame
In response to mareksumny

‎12-07-2020 05:09 AM

This can be done like Rasika mentioned. What you need to know is that in order for this to work, LAG must be disabled. Then you have one or two ports connected to your internal and the other (up to two ports) directly connected to the dmz vlan. You can have up to two ports as not using lag allows you to define a primary and a secondary. On your wlc ports connected to the dmz, you can connect that to a switch, but define an isolated vlan and then have that pushed to the dmz. So as long as the wlc has access to that dmz vlan and the ports are open, the AP’s will be able to join.
-Scott
*** Please rate helpful posts ***

View solution in original post

3 Replies 3

Go to solution
Rasika Nayanajith
VIP Alumni
VIP Alumni

‎12-03-2020 06:22 PM

You should be able to do it. You create a dynamic interface and enable AP-management on that interface.

https://www.cisco.com/c/en/us/td/docs/wireless/controller/8-5/config-guide/b_cg85/ports_and_interfaces.html#reference_5969E9C66E064C7A98E6F2AD7F695E8B 

 

HTH

Rasika

Go to solution
mareksumny
Level 1
Level 1
In response to Rasika Nayanajith

‎12-07-2020 12:51 AM

Yes I did not find any restriction on deployment guide, but since AireOS does not support any routing and there is only one ip default gateway I think it will not work, because on WLC there are 2 ports connected to 2 different networks and WLC has no idea how to reach APs on DMZ, to reach APs on lan it will use default GW, but correct me if I am wrong .  And I am talking about APs sitting on different vlan not directly connected.

Thanks

Marek

0 Helpful

Go to solution
Scott Fella
Hall of Fame
Hall of Fame
In response to mareksumny

‎12-07-2020 05:09 AM

This can be done like Rasika mentioned. What you need to know is that in order for this to work, LAG must be disabled. Then you have one or two ports connected to your internal and the other (up to two ports) directly connected to the dmz vlan. You can have up to two ports as not using lag allows you to define a primary and a secondary. On your wlc ports connected to the dmz, you can connect that to a switch, but define an isolated vlan and then have that pushed to the dmz. So as long as the wlc has access to that dmz vlan and the ports are open, the AP’s will be able to join.
-Scott
*** Please rate helpful posts ***
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card