cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
455
Views
3
Helpful
4
Replies

Redirect ACL Flow for Local switching versus Central switching

Hi All,

I would like to know if Local switching is happening for a SSID then traffic match for redirect ACL will be perform by AP or WLC.

For central switching, If I mot mistaken then traffic match for redirect ACL will be perform by WLC, but I am confused what will happened if Local switching is happening.

4 Replies 4

marce1000
VIP
VIP

 

  - For local switching it will then happen on the APs ; checkout :
                    https://www.cisco.com/c/en/us/support/docs/wireless/catalyst-9800-series-wireless-controllers/213920-central-web-authentication-cwa-on-cata.html#toc-hId-814074466

 M.



-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
    When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '

Hi,

If I am correct then you are taking about below section, right?

 

Flexconnect Local Switching Access Points Only

What if you have Flexconnect local switching access points and WLANs? The previous sections are still valid. However, you need an extra step in order to push the redirect ACL to the APs in advance.

Navigate to  Configuration > Tags & Profiles > Flex and choose your Flex profile. Then, navigate to the Policy ACL tab.

 

balaji.bandi
Hall of Fame
Hall of Fame

check there is couple of example on this configuraiton guide that explain how you can configure :

https://www.cisco.com/c/en/us/support/wireless/catalyst-9800-series-wireless-controllers/products-configuration-examples-list.html

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

ammahend
VIP
VIP

An easy way to think about it is that for the traffic to be redirected the traffic must hit to redirect ACL, in central switching the traffic is carried all the way to the controller through CAPWAP tunnel and controller is the first place traffic hits the ACL so the redirect happens on the controller. In local switching The traffic is terminated on the local AP so the redirect happens at the AP. The redirect ACL is pushed to the AP by mapping the redirect ACL under the flex connect profile.

-hope this helps-
Review Cisco Networking for a $25 gift card