Solved: Re: AP-manager interface vs Manager interface

john11022 · ‎08-24-2023

Hi guys, can anyone help clarify the uses and differences of AP-manager interface and manager interface? From boson exsim the explanation states that manager interface is for L2 communication between WLCs and APs and AP-manager interface is used for L3 communication between WLCs and APs instead. And also from this website it says that AP-manager interface is only used after an LAP has joined the WLC. Does this mean that the authentication packets like radius or tacacs are exchanged via the manager interface, and after the LAP has joined the WLC, they form CAPWAP control tunnels via the AP-manager interface? And only the manager interface is used for WLC GUI access? Thanks in advance!

Flavio Miranda · ‎08-24-2023

Hi @john11022

You are basically right in all that you said. The Management interface is used to manage the WLC and it includes SSH,HTTP,HTTPS and Radius request, DHCP,etc.

AP management interface is the interface, as the name says, used to join Access Point. The difference in the name make it confuse but in almost 100% of the cases the Management interface and the AP management is the same. However, if you for some reason you need to make another interface as AP management it is possible.

Lets consider that you have Vlan100 on the WLC as one of your dynamic interface and you want this dynamic interface to be the interface APs will use to join the WLC. You can to that and then you have the Management interface and another interface as AP management interface.

You just need to check the check bottom shown below in order to turn one dynamic interface into AP management interface

View solution in original post

Flavio Miranda · ‎08-24-2023

Hi @john11022

You are basically right in all that you said. The Management interface is used to manage the WLC and it includes SSH,HTTP,HTTPS and Radius request, DHCP,etc.

AP management interface is the interface, as the name says, used to join Access Point. The difference in the name make it confuse but in almost 100% of the cases the Management interface and the AP management is the same. However, if you for some reason you need to make another interface as AP management it is possible.

Lets consider that you have Vlan100 on the WLC as one of your dynamic interface and you want this dynamic interface to be the interface APs will use to join the WLC. You can to that and then you have the Management interface and another interface as AP management interface.

You just need to check the check bottom shown below in order to turn one dynamic interface into AP management interface

john11022 · ‎08-24-2023

Hi Flavio, thanks for the reply.

Is it correct to say that if I were to create an AP-manager interface, that interface will be used to terminate CAPWAP control and data tunnels? And once the data reaches the WLC from LAP, it will be mapped to VLAN from WLAN and sent out the dynamic interface of the WLC, right? The manager interface is not used throughout the process, right?

Flavio Miranda · ‎08-24-2023

"Is it correct to say that if I were to create an AP-manager interface, that interface will be used to terminate CAPWAP control and data tunnels?"

Yes.

"And once the data reaches the WLC from LAP, it will be mapped to VLAN from WLAN and sent out the dynamic interface of the WLC, right?"

It depends. If the AP is local mode the traffic will come to the WLC using the capwap tunnel stablished on the AP management interface and the WLC will drop the traffic on the dynamics interface accordingly. Or even send it out through the Management interfaces

"The manager interface is not used throughout the process, right?"

The AP management interface is the interface used for capwap tunnel. So, if the AP is local mode, all the traffic will come to the WLC using this interface but the egress traffic can be sent using another interface.

john11022 · ‎08-25-2023

Thanks for the help, Flavio!