Re: Enable Flex Connect mode in WLC

Raj_82 · ‎05-20-2022

We have two branch offices and the WAN is connected through IPsec tunnel. Presently those two office has Couple of AP's and it is connected to DC WLC in local- Centralize switching mode.

Now we are planning to enable Flex Connect mode to branch office AP's.

Single SSID is used for corporate user. IN order to enable Flex conenct local switching mode in the SSID , will it cause any issue excising wireless users those using this SSID. Or we need to create separate SSID ?

MHM Cisco World · ‎05-20-2022

Central switching but what about l2 secuirty are it done in wlc?

You need also to be sure that ap can forward clinet traffic, config svi in sw , config dhcp for client.

Flavio Miranda · ‎05-20-2022

Hi

Flexconnect mode implies a lot of changing. And Yes, it will impact currenltly clients. At least, build up a new temporary ssid as a midle step to the final scenario

You need to think about how they will get IP address, how they will authenticate and the path they will take with this new topology.

A lot to think through. In local mode mode, communication start from wlc and the capwap tunnel work as an overlay topology and abstract many step for you.

Leaving the traffic locally, can uncover many challenges.

Raj_82 · ‎05-20-2022

Yes L2 security is configured in WLC

Presently the AP is connected to "Switchport mode access ". We will configure the port into Trunk mode while enabling the flex connect.

Can we enable flexconnect local switching for existing SSID or do we need create new one?

Raj_82 · ‎05-20-2022

Thank you for the answers. I will setup one SSID for testing and let you know outcome.

ammahend · ‎05-20-2022

Now we are planning to enable Flex Connect mode to branch office AP's.

can you answer why you made this decision ?

-hope this helps-

Raj_82 · ‎05-20-2022

We’ve got complains from users disconnection from the wireless network from branch office, and I’ve noticed that there’re quite a fair bit of disassociations from the APs.

I have attached the logs

Please suggest if any other option available to fix this issue without changing flex connect

Thank you.

marce1000 · ‎05-20-2022

>....Please suggest if any other option available to fix this issue without changing flex connect

- Look into . https://www.cisco.com/c/en/us/support/docs/wireless/wireless-lan-controller-software/200046-tac-recommended-aireos.html , advised to execute first . check if that can help.

M.

-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '

ammahend · ‎05-21-2022

You can verify these resets against this link.

https://www.cisco.com/c/en/us/support/docs/wireless/aironet-3700-series/117869-technote-ap-00.html#anc2
most of them are 62 “Radio channel set. Reset while setting channel from Control and Provisioning of Wireless Access Points (CAPWAP)” by changing to flexconnect, you are only shifting the data plane to AP locally your control place remains at controller, which these messages are complaining about so moving to flexconnect will not necessarily solve your problem specially if your resources and internet are central . I think You have to investigate more on the link (IPsec, may be it’s timeout or MTU issue, just saying) or use one of the AP as mobility express and keep control plane also local to the site as well, since there are only few APs there.

hope this helps

-hope this helps-