Buy or Renew
Buy or Renew
NOTICE: The community will be in READ-ONLY Sept. 6 – 9 to add Umbrella release notes and announcements. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
438
Views
0
Helpful
4
Replies

Cisco Flex connect related query

diancious
Level 1
Level 1

‎04-15-2015 10:57 AM - edited ‎07-05-2021 02:56 AM

Hi,

 

My Corporate Headquarters has:

1. Cisco 5508 WLC

2. Centralized RADIUS server

A MAC address repository is created in the WLC for MAC address authentication. This includes MAC addresses of users from the Headquarters as well as the remote branch offices.

 

My remote branch offices have:

1. APs deployed in Flex Connect mode

2. Local DHCP server

3. Local RADIUS server

 

I have 5 SSIDs being broadcasted in the remote branch location from the Flex Connect APs.

SSID1 ----> RADIUS + Certificate + MAC filtering

SSID2 ----> RADIUS + Certificate

SSID3 ----> MAC filtering

SSID4 ----> WPA2-PSK

SSID5 ----> Web Authentication using portal page

 

The headquarters is connected to the remote branch locations using an MPLS link.

When the MPLS link between the remote location and the headquarters is up, the centralized RADIUS server at the headquarters would be preferred for authentication of the users.

In case the MPLS link goes down, which SSIDs would still carter to the users and which SSIDs would stop functioning?

Will SSID1 still work by authenticating new users from the remote location AD server? Or would the authentication fail if the MAC address repository is not reachable.

Will SSID2 work for remote location users? Will the Flex Connect APs switch to authentication using the local RADIUS server?

 

Thanks in advance.

Labels:
0 Helpful
4 Replies 4

Moin Ilyas
Level 4
Level 4

‎04-16-2015 08:35 AM

Do you have your WLANs setup in FlexConnect central switching or FlexConnect Local switching?

0 Helpful

diancious
Level 1
Level 1
In response to Moin Ilyas

‎04-21-2015 03:54 AM

Hi Moin,

 

Require your suggestion as to what should be the ideal mode. Should I put the APs in Flex Connect central switching or local switching? 

Currently work is going on local APs. Flex Connect deployment would be starting soon.

 

0 Helpful

Moin Ilyas
Level 4
Level 4
In response to diancious

‎04-21-2015 04:19 AM

It depends upon the requirement, I'd say.

For example, if you have clients that would use the local services held at the local site, it would be a good idea to have your APs in FlexConnect Local switching so that the data doesn't have to travel all the way to the controller and then to the local site.

For more details, please refer to the following links.

http://www.cisco.com/c/en/us/td/docs/wireless/controller/7-4/configuration/guides/consolidated/b_cg74_CONSOLIDATED/b_cg74_CONSOLIDATED_chapter_010001101.html

https://learningnetwork.cisco.com/thread/51502

0 Helpful

diancious
Level 1
Level 1
In response to Moin Ilyas

‎04-21-2015 05:59 AM

Ok. Thanks.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card