01-20-2014 02:52 PM - edited 07-05-2021 12:00 AM
Hello,
I have some questions regarding the Flexconnect CAPWAP tunnel for Flexconnect APs with local switching.
1. If I have 10 Flexconnect APs at my branch, would that create 10 CAPWAP tunnels to the WLC located in HQ.
2. How often the flexconnect AP will send the CAPWAP to WLC?
3. What is the size of flexconnect CAPWAP tunnel keepalives?
4. By default, is CAPWAP tunnel (regardless local or flexconnec) encrypted?
5. The DMZ firewall, what ports should be allowed for the guest traffic (anchor WLC)? Is it just 5246 or 5246 and 5247?
6. Is EoIP encrypted or clear text?
I remember reading something like instead of using EoIP for mobility anchor or foreign wlc, CAPWAP can also be used. I am not sure if this is true or not.
Thanks
01-20-2014 03:17 PM
1. If I have 10 Flexconnect APs at my branch, would that create 10 CAPWAP tunnels to the WLC located in HQ.
> You might be getting confuesd with mobility tunnels. The AP can support the max it is licensed for
2. How often the flexconnect AP will send the CAPWAP to WLC?
>
3. What is the size of flexconnect CAPWAP tunnel keepalives?
> Look at the previous question
4. By default, is CAPWAP tunnel (regardless local or flexconnec) encrypted?
> Only if you enable Data Encryption, by default this is not enabled. Typically use only on OfficeExtend
5. The DMZ firewall, what ports should be allowed for the guest traffic (anchor WLC)? Is it just 5246 or 5246 and 5247?
>This doesn't matter since guest traffic would be central switching and you would have a mobility anchor to the guest anchor WLC
6. Is EoIP encrypted or clear text?
> Data is not encrypted unless you enable Data Encryption with the DTLS license.
Some links:
http://www.cisco.com/en/US/tech/tk722/tk809/technologies_white_paper09186a0080901caa.shtml
http://www.cisco.com/en/US/products/ps11635/products_tech_note09186a0080b7f141.shtml#ft
Thanks,
Scott
Help out other by using the rating system and marking answered questions as "Answered"
01-21-2014 03:08 AM
Scott,
I used to work on Motorola's wireless devices and their Flexconnect version was called RF-Domain Manager (AP). Moto uses MINT protocol instead of CAPWAP. The reason I asked the question number one was that on Moto only the RF-Domain Manager talks to the controller, and the rest of the APs reports to RF-Domain Manager. I am not sure how much bandwidth MINT adds, but it is less bandwidth since it's only the domain-manager that talks to the controller.
Before I asked the question number one, I was thinking that each Flex AP reports back to WLC.
About the Q 3, I got confused about this. I was reading the CUWSS quick reference guide, and it mentioned that each AP sends CAPWAP traffic control to the controller and this CAPWAP traffic control size is 0.35kbps; I'm assuming this is local mode only.
I was talking to Cisco rep a couple months ago about Flex APs, he mentioned that a Flex AP takes about 12kbps, so if I have 10 flex APs that would be 120kbps.
01-21-2014 03:54 AM
I couldn't tell you that info exactly because there would be different numbers depending if AP's are trying to discover, just sending heartbeats, RRM info, etc.
Maybe others out here actually had tools to monitor capwap on the WAN, but none of my customers ever had to or did.
Sent from Cisco Technical Support iPhone App
01-20-2014 09:15 PM
I remember reading something like instead of using EoIP for mobility anchor or foreign wlc, CAPWAP can also be used. I am not sure if this is true or not.
This is true if you are using NGWC (5760/3850) or existing controllers like 5508/WiSM2 with specific Aireos images (7.3.112.0, 7.5.102 or 7.6.100.0) & new mobility (also called hierarchical mobility) feature turn-on in those controllers.
Here is the config guide reference how to enable this feature
http://www.cisco.com/en/US/docs/wireless/controller/7.5/config_guide/b_cg75_chapter_010010101.html
Hers is the mobiity packet format in that scenario
HTH
Rasika
**** Pls rate all useful resposnes ****
01-23-2014 08:03 PM
Rasika,
I apologize for my late reply. Is it better to use CAPWAP for mobility anchor or foreign WLC?
Thanks
Sent from Cisco Technical Support iPhone App
01-23-2014 08:25 PM
Enable new mobility (or CAPWAP inter-controller mobility) if you have any plan to use NGWC (5760/3850) within your environment with existing these controllers in a mix.
Otherwise you can simply run typical EoIP mobility which is the standard for all legacy controllers (5508/WiSM2/2504)
HTH
Rasika
*** Pls rate all useful responses ***
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide