Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
3498
Views
5
Helpful
4
Replies

AP Group VLAN and roaming

Go to solution
emily00001
Level 1
Level 1

‎03-13-2015 10:42 AM - edited ‎07-05-2021 02:42 AM

Some time ago I started a topic in this forum while testing this setup. I wanted to have an AP group where clients were assigned a different VLAN while still using the same WLAN/SSID as the default group. It turned out that clients were prone to roam between the default ap-group and the newly created group resulting in no change of VLAN when switching AP. During testing the APs were still in the tech-room of the first venue so they were in close proximity to the default AP group.

My first thread can be found here:

https://supportforums.cisco.com/discussion/12354036/growing-wlan-beyond-class-c-network-wlc2504-ap2700-ap-groups

It now turns out that the clients can still roam between APs in two separate venues and although not frequent it happens. How would I best force clients on certain APs to be on a designated VLAN? Would it be to create two WLANs with identical settings with exception to VLAN and assign them to two different AP-groups (no longer using default AP group given it has all WLANs)? Would that prevent users from finding themselves retaining the VLAN when switching venues as they roam instead of making a new association?

Labels:
0 Helpful
2 Accepted Solutions

Accepted Solutions

Go to solution
Rasika Nayanajith
VIP Alumni
VIP Alumni

‎03-13-2015 11:04 AM 

How would I best force clients on certain APs to be on a designated VLAN?

What is the reason behind having  such requirement ? technically it does not matter what IP client got as long as user get the service what they want.

Would it be to create two WLANs with identical settings with exception to VLAN and assign them to two different AP-groups (no longer using default AP group given it has all WLANs)? Would that prevent users from finding themselves retaining the VLAN when switching venues as they roam instead of making a new association?

Retaining the IP is fundamental rule of Roaming, so if it is same SSID & there is coverage overlapping, then client will always retain the original IP when roam.

If it is two SSID, then always they will disconnect from one SSID & connect to the other at the 2nd location. So you can force client to get different subnet IP at 2nd location. Question is, does this gives any benefit to end user or is it convenient to them to switch these SSIDs at different places of your premises.

HTH

Rasika

**** Pls rate all useful responses ****

View solution in original post

0 Helpful

Go to solution
Scott Fella
Hall of Fame
Hall of Fame
In response to emily00001

‎03-14-2015 07:36 AM

With FlexConnect this was an issue I have seen in the past also when I had to deal with guest and increasing the idle timer. If you have users roaming to different access points in a different locations that have different wlan to vlan mappings, the WLC will keep the device in the run state until the idle timer expires or the session timer expires. The idle timer is the one you need to focus on. If you want users to associate to a new access point when roaming and obtain a new IP address, you will need to lower the idle timer low enough for the client not to respond to access points and for the controller to remove them.  If roaming is very quick like in elevators, then you shouldn't design using FlexConnect.  This is the limitation with FlexConnect and thus why some designs require local mode access points. 

-Scott

-Scott
*** Please rate helpful posts ***

View solution in original post

4 Replies 4

Go to solution
Rasika Nayanajith
VIP Alumni
VIP Alumni

‎03-13-2015 11:04 AM 

How would I best force clients on certain APs to be on a designated VLAN?

What is the reason behind having  such requirement ? technically it does not matter what IP client got as long as user get the service what they want.

Would it be to create two WLANs with identical settings with exception to VLAN and assign them to two different AP-groups (no longer using default AP group given it has all WLANs)? Would that prevent users from finding themselves retaining the VLAN when switching venues as they roam instead of making a new association?

Retaining the IP is fundamental rule of Roaming, so if it is same SSID & there is coverage overlapping, then client will always retain the original IP when roam.

If it is two SSID, then always they will disconnect from one SSID & connect to the other at the 2nd location. So you can force client to get different subnet IP at 2nd location. Question is, does this gives any benefit to end user or is it convenient to them to switch these SSIDs at different places of your premises.

HTH

Rasika

**** Pls rate all useful responses ****

0 Helpful

Go to solution
emily00001
Level 1
Level 1
In response to Rasika Nayanajith

‎03-14-2015 05:22 AM

Users are often on their own devices and add printers in the simplest way i.e. Bonjour (Apple) or equivalent.

This could potentially lead to the inability to print and it would require inter-vlan multicast which I don't think is advisable in this situation.

I'm surprised that devices can roam between the venues as this happens to laptops that are put to sleep that travel in elevators and 100 m outside the building before they get to the other location.

0 Helpful

Go to solution
Scott Fella
Hall of Fame
Hall of Fame
In response to emily00001

‎03-14-2015 07:36 AM

With FlexConnect this was an issue I have seen in the past also when I had to deal with guest and increasing the idle timer. If you have users roaming to different access points in a different locations that have different wlan to vlan mappings, the WLC will keep the device in the run state until the idle timer expires or the session timer expires. The idle timer is the one you need to focus on. If you want users to associate to a new access point when roaming and obtain a new IP address, you will need to lower the idle timer low enough for the client not to respond to access points and for the controller to remove them.  If roaming is very quick like in elevators, then you shouldn't design using FlexConnect.  This is the limitation with FlexConnect and thus why some designs require local mode access points. 

-Scott

-Scott
*** Please rate helpful posts ***

Go to solution
emily00001
Level 1
Level 1
In response to Scott Fella

‎03-16-2015 02:37 AM

Thank you both for the insightful answers.

I'll look into both approaches (WLAN and idle timers). Is there any data on if it would be problematic to have idle timers of 2-3 minutes. Should I expect modern phones and tablets to be dropped when sleeping in such a time frame or is it something I would have to investigate?

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card