Showing results for 
Search instead for 
Did you mean: 

HREAP behavior


Hello all,

I have multiple remote office locations and I have implemented HREAP using central authentication and local switching. The offices have 3 vlans. switch/router mngmnt, Wireless management and the office vlan. The access points are 3502I. The code is .

The access point IP addresses come from a DHCP scope on the local router. This is is a specific range i.e. 10.20.x.x.   This space is only permited to communicate with the central office controllers and denied any other traffic . The AP network is locked down with both an inbound and outbound set of ACL's on the office router.

The AP port on the switch is setup as a trunk and management is the native vlan .

Our IT Security group came to me with a concern. They were seeing apple traffic over the 10.20.x.x network and alot of ICMP traffic from the internet.

Questionis how is the user traffic that is setup to be switched locally getting on the AP management network ? and not staying on the user vlan ?

3 Replies 3

Rasika Nayanajith
VIP Mentor VIP Mentor
VIP Mentor

Where is your internet link to servcing these branch users ? Do they have own internet connection at each branch ? or are they coming to your central office to acces internet ?


All traffic internet included comes back to the main office.

Unless you have any other centrally switch WLAN, all traffic except capwap mgt traffic (src or dst to AP mgt IP) should terminate on your branch local swtich & then go via normal ip routing path to your cerntral office.

Best if you could a packet capture of your branch WAN link & confirm 100% you would see user traffic coming from 10.20.x.x network.

I am not 100% sure whether all packets will be locally switched or first packet will be centrally switched & rest will be locally switched. Your packet capture would prove this.



**** Pls rate all useful responses *****

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Recognize Your Peers