cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
541
Views
10
Helpful
2
Replies

Questions about Wireless Networking

JinstKebe
Level 1
Level 1

So I am relatively new to professional IT. I have been given control of a ton of things with the company I am with. One of those is our Wireless Network. We are not a huge company. About 200 in office workers total. We have 4 main buildings containing the bulk of those employees and a few warehouse with 2-5 people in them.

Currently we have one access point deployed in each building which seems to give enough coverage for the people in them. I have been focused on getting the new APs up and running with the WLC as when I came on with the company that had not been done yet. As I am past that now I am working to get the deeper settings configured on the WLC. One of the things I am a bit foggy on is CleanAir. I have had a few people I know that work in tech rave about it to me. I have been reading up on it and it seems like you need a dedicated CleanAir AP that does not transmit for the network. This seems like it doesn't fit our need. Mostly looking for confirmation here if I am correct on this.

My other question here is does RRM take care of some of the same things in a more limited way without the extra monitors?

Currently we have one AP per location and each AP is in a separate WLAN with its own VLAN. Given that these locations are pretty far apart would it be feasable and/or a good idea to merge these all into a single network with a single SSID so if someone is traveling in the company their devices will link up at all locations with no additional config.

And finally can someone link a guide or reference to setting a guest network that is isolated from the internal network? I will be honest that I have not even done a cursory google search on this issue yet as it is a back burner issue for me at this time.

2 Replies 2

ajc
Level 7
Level 7

Hi there,

 

For RRM to run properly you need 4 neighbor AP's, that is per Cisco documentation. 

Arshad Safrulla
VIP Alumni
VIP Alumni

Cisco Clean Air is RF interference detection and mitigation solution, it can provide real time visibility in to RF spectrum in your premises so you can easily identify any RF interferers in WiFi spectrum, for example lets say you have some interference in 5GHz channel 36, depending on the configuration WLC will automatically change the channels on the neighboring AP's, so your wireless infra is working on clean channels. Or due to the visibility it provides you can take action manually as well.

 

Its not compulsory to have dedicated Clean Air Sensors (Monitor mode AP's) to get the clean air full feature set working, but you need to have clean air capable AP's, you can have the client serving AP's for example new Cat9120, 9130 with RF asic can scan the spectrum while serving the clients. while the older generation of clean air capable of AP's are more than capable of detecting and mitigating interferers, Cisco recommends deploying dedicated monitor mode AP's as this can provide spectrum intelligence with off channel scanning  and due to dedicated radio used for scanning more visibility. Information collected by Clean Air capable AP's are vital part of the RRM, based on the informaiton made avaialbe to RRM by Clean Air it chooses best channels where the AP's can operate on at a given point. Clean Air is a big topic which is very difficult to summarize. You may refer the below for more information. 

https://www.cisco.com/c/en/us/td/docs/wireless/controller/9800/config-guide/b_wl_16_10_cg/cisco-cleanair.html

 


Currently we have one AP per location and each AP is in a separate WLAN with its own VLAN. Given that these locations are pretty far apart would it be feasable and/or a good idea to merge these all into a single network with a single SSID so if someone is traveling in the company their devices will link up at all locations with no additional config.


This completely depends on your organization policies, My preference would be to maintain a Single SSID organization wide, so it will ease the management burden. Again based on your organization policies and security requirements it is up to u to decide. Design phase is the key here.

 


And finally can someone link a guide or reference to setting a guest network that is isolated from the internal network? I will be honest that I have not even done a cursory google search on this issue yet as it is a back burner issue for me at this time.


Guest deployment depends on the hardware you have, since you have multiple sites my recommendation would be to consider a Anchor and Foreign controller design. This way you can directly terminate your Guest traffic in to a DMZ. If you are using new 9800 controllers anchor controller can be optional as you can utilize a trunk interface directly connected to a DMZ segment. If you have Flex connect AP's you can have your Guest SVI directly on a Firewall or any upstream L3 device which doesnt allow traffic towards your LAN. 

Review Cisco Networking for a $25 gift card