Re: cisco flexconnect

Anjana A · ‎12-15-2022

Hello Team,

we are using flex connect mode of access point, in which the data traffic switching locally and central authentication.

here i have doubt, whether the user authentication traffic (control traffic) how it will reach controller.

user>> cawaptunnel>> wlc>>> aaa

( or)

user>> ap>> switch>> coreswitch>> isp?? wlc.

whether the branch site isp have any impact on the control traffic.

in case if the branch has high bandwidth utilization users cant authenticate or any disconnection may happen?

Regards,

Anjana

Haydn Andrews · ‎12-15-2022

In flexconnect central auth local switching traffic flow is:

Based onf 802.1x Auth (remove RADIUS if just PSK):

Client>AP>WLC (Via what ever transport is between AP and WLC (LAN/WAN etc)>RADIUS server (via what ever transport is between WLC and RADIUS Server)>WLC>AP> Client

In event of high bandwidth WANs then recommend QOS to proritise CAPWAP control traffic.

Other option is Flexconnect Local Auth if you need everything to remain within the site

*****Help out other by using the rating system and marking answered questions as "Answered"*****
*** Please rate helpful posts ***

Anjana A · ‎12-15-2022

Hello Andrew..

pls confirm how to priotrise the capwap tunnel traffic, by priotrise the ap management vlan or qos on the router?

Regards,

Anjana

Haydn Andrews · ‎12-15-2022

On the AP management VLAN create a QOS policy to poritise CAPWAP Control UDP 5246 to the WLCs

*****Help out other by using the rating system and marking answered questions as "Answered"*****
*** Please rate helpful posts ***