cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1631
Views
5
Helpful
4
Replies

AP's on separate subnet than AP Manager/Management interface.

Craddockc
Level 3
Level 3

Hello Community,

 

I asked a similar question awhile back and got a correct response, but I wanted to do things a bit differently this time. Here is the scenario:

 

I have a 5508 WLC. Currently the AP Manager and Management interface are one in the same. I dont think the 5500 series WLCs even have separate ap manager's. The current situation is that the management/ap manager interface is on untagged vlan 1 (terrible I know) and all the AP's are connected at our access layer switches through switchports in static access mode (also on Vlan 1). The WLC is LAG to a 3750 in the middle of the network. I was thinking about just placing the management interface in a tagged vlan along with all the AP's in the same vlan on the same subnet, which would be ideal I think. But this would create an end to end vlan situation where im trunking the same vlan across the network. Ive manually pruned all my trunks to only carry the vlans applicable to that segment. Which means that i would have to go to every switch in the network, create the "CAPWAP" vlan and then add that vlan to the allow list on my trunks. All my switches are in VTP Trans mode. 

So the question is: Can I make it to where the AP's themselves reside on separate vlans while still being able to communicate with the WLC manager interface that resides on a different vlan? Would this be accomplished through DHCP option 43? I thought I read that you have to have multicast routing set up to accomplish this? And are there any noticeable performance penalties to doing it this way, as opposed to the AP's and the Manager Interface just being on the same subnet? Any help would be appreciated. Thanks.

 

Chris.

1 Accepted Solution

Accepted Solutions

Leo Laohoo
Hall of Fame
Hall of Fame
Can I make it to where the AP's themselves reside on separate vlans while still being able to communicate with the WLC manager interface that resides on a different vlan?

As long as the AP's management IP subnet can reach the WLC's subnet, it will work.

Would this be accomplished through DHCP option 43?

Yes.

And are there any noticeable performance penalties to doing it this way, as opposed to the AP's and the Manager Interface just being on the same subnet?

Depends on your Layer 3.  If you've got good routing, then no.  

View solution in original post

4 Replies 4

Leo Laohoo
Hall of Fame
Hall of Fame
Can I make it to where the AP's themselves reside on separate vlans while still being able to communicate with the WLC manager interface that resides on a different vlan?

As long as the AP's management IP subnet can reach the WLC's subnet, it will work.

Would this be accomplished through DHCP option 43?

Yes.

And are there any noticeable performance penalties to doing it this way, as opposed to the AP's and the Manager Interface just being on the same subnet?

Depends on your Layer 3.  If you've got good routing, then no.  

Leo,

Thank you for the concise responses. I apologize my post was a little wordy. I did have a follow up question though. What is your opinion on doing it this way as opposed to just having all the AP's and the WLC on the same subnet? The only reason I am suggesting this is to avoid the end to end vlan situation it would create as I have AP's on ever segment on my network. In your opinion, what is best practices? Thanks.

What is your opinion on doing it this way as opposed to just having all the AP's and the WLC on the same subnet? 

It all boils down to two major factors:  The size and "shape" of your network and your confidence.  

 

If your network is a Layer 3 network, then putting the APs in their own separate IP address is a no-brainer.  This helps you a lot if you are deploying APs in different physical location.  

 

If you have an office presence of just one floor then you can put the AP IP subnet in the same subnet as the WLC, the switch, the router, etc.  Just make sure you don't run out of IP address space.  

Leo,

Thanks for this. So to clarify, if I have inter vlan routing capability I should have the AP's just reside on the local vlan in their location? Otherwise have them reside on the same subnet as the WLC? Thanks.

Review Cisco Networking for a $25 gift card