Solved: Clean Air Wireless solution

rafiqmo_@hotmail.com · ‎01-25-2018

Hi,

We have the following requirements for our new project regarding Wireless,

1- Clean air solution

2-Rogue AP detection

3- Only Virtual Wireless Controller due to virtual datacentre in Cloud

Solution,

We are planning the following solution, Please can someone verify if we are purchasing correct equipment or recommend any better solution

1- Cisco 3502i AP for clean air

2- Cisco Mobilty Engine for rogue AP detection

3- Cisco virtual LAN controller vWLC ( small version)

Regards.

patoberli · ‎01-25-2018

Yes they will support several different SSID.

I don't think Mobility Express has Guest functionality (Guest Portal) built in though, for that you'd need a different product, like the CMX. There is a cloud based CMX solution and there are also other companies offering cloud based or local guest portal solutions.

See here for an example on how to solve this: https://www.cisco.com/c/en/us/td/docs/wireless/controller/technotes/8-5/b_cisco_mobility_express_8_5/b_cisco_mobility_express_8_5_chapter_0101.html

View solution in original post

patoberli · ‎01-25-2018

And one more information, Mobility Express with software 8.5 and later actually supports 100 AP on one 2800 model:
https://www.cisco.com/c/en/us/td/docs/wireless/access_point/mob_exp/85/release_notes/b_ME_RN_85.html#id_50258

View solution in original post

patoberli · ‎01-25-2018

The 3502 is old and doesn't support 802.11ac. I suggest you go with the 2802 models.

Please note that the vWLC has quite a few limitations, have a good look into the release notes for details:

https://www.cisco.com/c/en/us/support/wireless/5500-series-wireless-controllers/products-release-notes-list.html

About how many AP are we talking here? If it's < 30 (I think), you might also want to consider the Mobility Express functionality. That would mean that the WLC is running directly on one of the APs and you don't need a vWLC. This solution is limited to, I think, 29 client Access Points in the current software.

rafiqmo_@hotmail.com · ‎01-25-2018

Thanks,

We have one HQ and two remote sites, therefore we might have more than 30 APs. But will consider 2802 AP module for clean air and virtual Mobility engine for rogue AP detection in virtual DC alongside with vWLC . You think it will work ?

Regards.

patoberli · ‎01-25-2018

It depends on the setup you are going to do.

I recommend to make each remote site standalone, meaning for each site a Mobility Express AP. But I hope others can also write their recommendations, as I've never worked with remote sites and wireless!

Not sure if you really need Mobility Engine (or do you mean Mobility Express?) though. Also, if you do choose Mobility Express, you will not need a vWLC.

A standalone vWLC has also some positive sides, you would only need to configure one WLC, instead of 3 (each remote site plus HQ).

rafiqmo_@hotmail.com · ‎01-25-2018

Thanks patoberli

Please correct me if I am wrong, as I understand from your recommendation, that we can only buy 2802 APs and run mobility express feature on it. First master 2802 AP will act as WLC and DHCP server at each site and we do not need centralised vWLC( support <30 APs).

We have requirements for Corporate and Guest wifi solution with WPA2 enterprise authentication. will this APs will be able to support both SSIDs ( guest and Corporate) ?

Regards.

patoberli · ‎01-25-2018

Yes they will support several different SSID.

I don't think Mobility Express has Guest functionality (Guest Portal) built in though, for that you'd need a different product, like the CMX. There is a cloud based CMX solution and there are also other companies offering cloud based or local guest portal solutions.

See here for an example on how to solve this: https://www.cisco.com/c/en/us/td/docs/wireless/controller/technotes/8-5/b_cisco_mobility_express_8_5/b_cisco_mobility_express_8_5_chapter_0101.html

patoberli · ‎01-25-2018

And one more information, Mobility Express with software 8.5 and later actually supports 100 AP on one 2800 model:
https://www.cisco.com/c/en/us/td/docs/wireless/access_point/mob_exp/85/release_notes/b_ME_RN_85.html#id_50258

rafiqmo_@hotmail.com · ‎01-25-2018

Thanks

Please correct me if I am wrong, as I understand from your recommendation, that we can only buy 2802 APs and run mobility express feature on it. First master 2802 AP will act as WLC and DHCP server at each site and we do not need centralised vWLC( support <30 APs).

We have requirements for Corporate and Guest wifi solution with WPA2 enterprise authentication. will this APs will be able to support both SSIDs ( guest and Corporate) ?

Regards.

Leo Laohoo · ‎01-25-2018

I agree and 3502 is no longer appropriate. 2800 or 3800 would be beneficial, however, wait for a few more weeks. Something new is about to be announced that will be a good "fit" to CMX and Guest Portal. *Cough*, HALO, *cough*. (No, I'm not talking about an add-on module.)
Next, CMX just to do rogue AP detection? Boy, that's a waste of pretty good money. Also, read the Release Notes for CMX because some of the features require a large (image a huge truck) sum of money for the licensing.
Ok, next: What is the size of the WAN links from the head office to the two remote sites?

patoberli · ‎01-25-2018

@leo I only mentioned CMX because that's in the deployment guide for "Mobility Express and Guest Networks". While (quick) reading that part, it sounded like there is a tuned down, cloud based CMX solution for guest access.
This here: https://www.cisco.com/c/en/us/solutions/enterprise-networks/connected-mobile-experiences/cloud.html#~stickynav=1
Based on a few quick google searches, this doesn't seem to require wagon loads of money, more like ~1500 USD for a one year access for 5 AP. It was a bit hard to find real prices though, so take this number with a big grain of salt :)

Leo Laohoo · ‎01-26-2018

@patoberli wrote:

Based on a few quick google searches, this doesn't seem to require wagon loads of money

We have. There are two levels. The first level is cheap. The next level isn't.

patoberli · ‎01-26-2018

Ok :) Thanks for confirming! Based on the initial posts by Rafiqmo, I think the basic level would be enough for him. But as you already hinted, I also suggest he waits till the presentation.

Leo Laohoo · ‎01-26-2018

@patoberli wrote:
I think the basic level would be enough for him.

No idea what is suitable for his deployment. The latest CMX 10.3.X Release Notes have been changed. There used to be lines that stated some of the 10.3.X features that require CMX Advanced License. The latest revision, 17 January 2018, doesn't state this any more.

~~The Ordering Guide is also very, very vague and it doesn't state what feature(s) require what level of license.~~

I am mistaken. The latest Release Notes for 10.4.1 (Table 2) states that Hyperlocation requires the very expensive Advanced License.

patoberli · ‎01-26-2018

There is actually even another Data Sheet: https://www.cisco.com/c/en/us/solutions/collateral/enterprise-networks/connected-mobile-experiences/datasheet-c78-736407.html

This one has a fairly nice table "Feature comparison for CMX Engage and CMX Engage Advanced" showing the difference between CMX Engage and CMX Engage Advanced.

It doesn't have a single mention of "Rogue", so I don't think you have any rogue management with the cloud based CMX.

Leo Laohoo · ‎01-26-2018

Rogue should be in the "Base" but I don't see how Rogue APs is important in the retail industry.