Re: Limit WLAN to B/G/N and not AC

Justin Clark · ‎07-26-2019

I'm a seasoned admin, but I'm bit new to enterprise level wireless networking so please bear with me. I've searched on this topic for quite a while and have not come up with anything.

I have a WLC5508 with SmartNET on code 8.5.140.0. I have qty 8 of AIR-CAP3602I-A-K9 access points running the same 8.5.140.0 code level as the primary sw version. We have two separate sprawling two-story buildings (~ 300 feet apart) and a detached "garage" used as a test cell. All structures interconnected with LACP bonded 4x Gig fiber links. Each building has only 3 or 4 APs plus the one out in the detached garage, so the density is fairly low.

I have installed the Cisco AIR-RM3000AC-A-K9 modular AC radios into all of these units, so technically each AP has one 2.4 GHz radio and TWO 5 GHz capable radios in them. The built-in 5 GHz radio is A/N, the modular radio is A/N/AC.

We run three WLANs. One for internal clients (domain-joined laptops only). We have another for BYOD access (cell phones, etc for employees). There is a third WLAN for outside visitors, limited to internet access only for obvious security purposes.

Each WLAN is of course on a separate VLAN and the router handles who can access what parts of the network.

What I'd like to achieve is setting the BYOD and Visitor WLANs to run on the built-in radios ONLY, while still having access to both 2.4 and 5 GHz frequencies. The WLAN for internal clients would continue to use ALL radios in order to provide the best possible coverage for engineers roaming around with their laptops. The idea is to avoid BYOD devices from using bandwidth on the AC radios that should be reserved for "real work" (company laptops).

For clarity, the ideal layout would be:

BYOD and Visitor: 2.4 and 5 GHz, A/B/G/N, but no AC radio

Internal WLAN: Both bands, all radios

When I am on the controller looking at the radio policy for each WLAN, it doesn't seem to be able to distinguish that AC is different from N. My radio options per WLAN are only showing me A/B/G choices as shown in the image below. I'd rather not limit those two WLANs to the 2.4 GHz band only in order to achieve this.

It seems like there should be a way to do this. Please advise, and thank you if you have actually read this far down my rambling post!

Rasika Nayanajith · ‎07-26-2019

You can limit BYOD WLAN to legacy rates (max 54Mbps) by simply disabling WMM on that SSID (Under QoS). That is the easiest way to control what you want.

Again it is not preventing them access to 3rd radio though.

HTH

Rasika

*** Pls rate all useful responses ***

Leo Laohoo · ‎07-26-2019

@Justin Clark wrote:

The idea is to avoid BYOD devices from using bandwidth on the AC radios that should be reserved for "real work" (company laptops).

I'm with Rasika: Disable WMM on the BYOD and Visitor SSID and this will cause the wireless clients NOT to use 802.11n/ac.

Justin Clark · ‎07-30-2019

This is interesting, and certainly one way to solve the problem, so thank you both.

It sounds like this removes the 5 GHz band from those WLANs. Is there not a way to limit those WLANs to B/G/N while still allowing 5 GHz on the N protocol?

Thanks again.

jturner2720 · ‎07-30-2019

It won't drop 5GHz, but will stop using anything better than 11a if you disable WMM.

This sounds like somewhat of a sledgehammer. If you want to limit how much bandwidth guests can use, why not do so directly with something like https://www.cisco.com/c/en/us/support/docs/wireless/5500-series-wireless-controllers/113682-bdr-limit-guide-00.html?

Otherwise, you're looking at separate set of APs without AC that you serve the guest wlan on with.

jturner2720 · ‎07-30-2019

Also bear in mind that limiting clients to slower data rates may be counter-productive. Slower rates will spend more time on the air to transfer the same data, crowding out your work clients with their nice fast 11ac. Until Wi-Fi 6 becomes pervasive allowing multiple clients to talk at once, you're always going to be dragged down by the slowest client.

Justin Clark · ‎07-30-2019

Interesting approach, the rate limiting could work to reduce bandwidth used, but as you pointed out, if a guest client is downloading large files more slowly while still occupying the channels the AC clients are on then we haven't really improved the situation.

Disabling WMM works by keeping all guest clients off the AC band but also the N band as well, which is a bigger reduction than I was hoping for.

I've given each of you a helpful vote, as it's all been good information but I'm not sure any of these are the right solution. It seems the controller should have this as feature, I can't be the only one who wants to optimize the AC radio space for a particular WLAN. They are close with the radio choice drop-down I showed above, however is seems like maybe they haven't updated this part of the code to support the radio choices that are actually in the AP. Unless there is a technical reason you can't disallow a WLAN on a particular radio this really should be that hard to do.

patoberli · ‎07-31-2019

One less intrusive variant, set the company SSID to QoS Platinum, while you set the guest one to Silver.
You could then further tune that by creating an AVC profile with higher/lower priority applications.

In any case it's better to not disable AC for the guests.