08-15-2023 06:10 AM
We have several remote sites that had used Cisco lightweight APs with a WLC at the central location for several years. These were running in local mode. This summer, we began transitioning to cloud-managed Meraki APs. In order to support both Cisco and Meraki APs in the transition period. We created VLANs at the remote sites, and extended the VLANs across the WAN links. The connectivity to the remote sites is provided by AT&T's ASE on demand switch metro ethernet service.
It's beginning to look like this transition period may continue for some time to come and we will still need to support the 120 Cisco APs that remain in service. The issue I'm concerned about is having the VLANs extended to the remote sites means that AT&T will need to learn all the MAC addresses for each user and there is a 500 address limit that we can't go beyond. Sooner or later this will cause a bottleneck.
I had the idea that maybe converting the remaining Cisco APs to Flexconnect mode might be the answer until those APs can be gotten rid of. I'm having trouble with the making this happen without disruption. I figured I would create a separate Flexconnect WLAN with Flexconnect local switching enabled, add it to each site, and then change the mode on the Cisco APs at that site. The problem is I can't have two WLANs defined with the same SSID and same L2 security policy. I can't see how to convert to Flexconnect gradually, without having to convert all APs over at once. Any advise?
08-15-2023 06:14 AM
Hi @spfister336
Yes, flexconnect is the way to go. What you need to do is create two WLAN profile and then you can create the same SSID with different authentication and different traffic flow.
08-15-2023 06:52 AM
Different authentication might be troublesome. The PSK is hardcoded on each device. Different PSKs will make it hard to take devices from remote site to remote site. It probably doesn't happen all that often, but it is a possibility.
08-15-2023 06:59 AM
For PSK you can have one per ssid and that it.
08-15-2023 07:07 AM
So, there's no easy way to go about it? We'll have to convert all 120 at the same time?
08-15-2023 07:21 AM
What happens if you enable Flexconnect local switching and the APs are still in local mode? Will the APs still continue to function normally until the mode is changed?
08-16-2023 08:21 AM
Right ...
1. Change the APs to Flexconnect mode - you can do that any time and it will not make any difference to your existing centrally switched WLAN.
2. Create the new locally switched WLAN with the same SSID and security etc as the existing.
3. Create a new AP group with the new WLAN in it.
4. When you are ready you can move the APs at each site into the new AP group and then they will switch to the new locally switched WLAN.
5. Remember to configure the flexconnect locally switched VLAN mappings either directly on each AP or via a flexconnect group. And the AP and switchport must be using the same native VLAN for management of the AP.
The APs usually reboot when you change AP group but there seems to be a bug that it often throws an error when it should do the reboot so you might need to reboot the APs manually after changing the AP group.
https://www.cisco.com/c/en/us/td/docs/wireless/controller/8-10/config-guide/b_cg810/flexconnect.html
and plenty of other guides and videos if you search.
08-16-2023 08:30 AM
It won't let me create a second WLAN with the same SSID and security. It won't let me enable it.
08-16-2023 08:37 AM - edited 08-16-2023 08:39 AM
What WLAN numbers are you using?
https://www.cisco.com/c/en/us/td/docs/wireless/controller/8-5/config-guide/b_cg85/configuring_ap_groups.html
"By default, each AP is automatically assigned to a default AP group named default-group and WLANs IDs 1 to 16 map to this default group. You must define a custom AP group for WLANs with IDs greater than 16. You must manually assign APs to custom AP groups. The default group cannot be deleted."
You should only be using WLAN numbers >16
08-16-2023 09:04 AM
OK, thank you... using WLAN numbers > 16 does let me create the WLAN. I'll give this a try!
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide