Thanks. But why wouldn't regular "local mode" work in these scenarios?

AP's stay up if they loose connection the the WLC in FlexConnect but not in local mode.

Sent from Cisco Technical Support iPhone App

I appreciate your answers, but I must be missing something - please bear with me.

In the URL (linked in my original post), it states that with central auth and central switching, if the link dies:

"Central switched WLANs (above) no longer beacon or respond to probe requests when the FlexConnect AP is in standalone mode. Existing clients are disassociated."

That's using 802.1x. Per shared key will still keep clients. It comes down to loosing the wan. If you loose the wan, do you care about wireless.

Sent from Cisco Technical Support iPhone App

Thanks for your help Scott. I'm not in full agreement with all you say, but you have helped me figure it out.

You said the article was related only to 802.1x, but the article states that "802.1X is used in the example, but other mechanisms are equally applicable.".

The article you linked regarding FlexConnect groups also states that central switching is only valid in "connected mode", i.e., when the WAN is up.

However, I have found the following, which kind of explains the purpose of a central switched FlexConnect deployment

http://www.cisco.com/en/US/products/ps11635/products_tech_note09186a0080b7f141.shtml#central

Thanks again.

You asked about local mode vs FlexConnect... Local mode requires the AP and WLC to have connectivity between them.  FlexConnect doesn't.  So when a FlexConnect is operational, it can be Connected or Standalone.  There are limitations to FlexConnect mode when compared to local mode.  The decision on using Flexconnect is simple... is it a remote site and the link isn't a big pipe.  Central switching depends on if you want traffic to tunnel back or not.... if all resources has to come back to HQ, then you centrally switch, if they have services out at the sites, you locally switch.  Authentication is a small piece to this, because, you have to take into consideration if the WAN goes down.

Thanks,

Scott

Help out other by using the rating system and marking answered questions as "Answered"

Thanks Scot,

I understand the difference and need for Flex connect.

I join the new company, I see all APs are in local mode from my WLC but when I go the switch connected with WLC, I saw that interfaces connected with APs are configured with command: switch port trunk allowed vlan guest,staff

According to my understanding interfaces connected with WLC are configured with trunk and interfaces connected with APs are always in access mode and should be accessed in wireless vlan.

On Other switches, APs are connected with ports in default state and nothing is configured like (switch port mode access)

Thanks,

The strange thing is its working ideal.

Thanks