Buy or Renew
Buy or Renew
NOTICE: You can now engage in the community. Learn about the great new Cisco Umbrella content.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
61
Views
0
Helpful
0
Replies

Join Remote CW9166 APs to C9800-CL over Site-to-Site VPN Tunnel

ejgreco
Level 1
Level 1

‎09-11-2024 05:49 PM - edited ‎09-11-2024 05:50 PM

I am trying to join CW9166 APs at a remote site to a C9800-CL WLC at the HQ site. A site-to-site tunnel between a Meraki MX67 (remote) and FTD-2110 (HQ) has been created. The WLC can reach the APs via ping; the MX can ping the WLC sourced from the AP's VLAN/SVI. I have a DHCP scope on the MX that includes both the DNS server at HQ and Option 43 for the WLC wireless management SVI on the WLC (unfortunately you cannot configure local domains in Meraki DHCP scopes). I double-checked on the Core at HQ (routing all LANs at that site): it can ping the APs sourced from the WLC wireless management VLAN/SVI. I am not using Flex, just relying on the VPN tunnel to pass CAPWAP join requests from the APs to the WLC. Am I missing anything? Do the APs need to be put into Flex Connect mode to join the WLC over the VPN tunnel?

The general architecture:

Remote: 4x CW9166 APs (access) -> Meraki MS-250 (trunk) -> MX67 (s2s) ----> HQ: (s2s) FTD-2110 -> Core -> C9800-CL

0 Helpful
0 Replies 0
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card