Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
874
Views
10
Helpful
6
Replies

Single SSID for Centrally switched and Flex local switched WLAN

siddhukaturi1
Level 1
Level 1

‎06-07-2016 02:38 AM - edited ‎07-05-2021 05:11 AM

Hi Team,

Currently I am working in a medium level company,my doubt is,If is their any possibility to make single SSID for  Centrally switched and Flex local switched WLAN. All our branches are connected through MPLS. We have 3 SSID's.ER,ER-Internal,ER-External.Users connected to ER and ER-Internal should get local Intranet,People connected to ER-External should access the internet from HQ(Where WLC is actually placed).If suppose MPLS is down,is their any possibility that Branch offices to access the same SSID (Except ER-External) and should get the internet from local LAN?

Kindly help us in this issue

Thanks in advance.

Labels:
0 Helpful
6 Replies 6

Prabath Godevithanage
Level 4
Level 4

‎06-07-2016 04:14 AM

what you are explaining in the description is possible in fact is what I believe most people would do and we have similar setups too.

To be clear(I've word this little differently),You'd have local mode APs at the central site and Flex connect  APs for your remote sites.At remote sites you'd have ER,ER-Internal WLANs configured as Flex-Connect local switching and ER-External as central switching.

Now if  you have flex connect local switching configuration, when the MPLS service is down Flex-Connect APs will continuously serve the connected clients.You also can go further and configure "Flex connect local auth"  as well,That's if you are required to authenticate new users when the MPLS service is down.Flex connect is little difficult to setup and operate but it is there for this purpose 

I  assume your intranet is locally hosted at each site or have a secondary path to the intranet from remote sites when the mpls is down.

***Please rate all the useful posts***
-Prabath
Preview file
30 KB

siddhukaturi1
Level 1
Level 1
In response to Prabath Godevithanage

‎06-07-2016 04:26 AM

Hi Prabath,

Thanks for your reply,

Yes,internet is locally hosted at each site.

When ever MPLS is down,should remote access points can still shows the same SSID's and users can get the internet from local LAN,Kindly clear my Doubt.

Requirements: same SSID for both central and flex local switched WLAN

When ever MPLS is down,users can still connected to ER and ER-Internal.

0 Helpful

Prabath Godevithanage
Level 4
Level 4
In response to siddhukaturi1

‎06-07-2016 04:53 AM

"When ever MPLS is down,should remote access points can still shows the same SSID's and users can get the internet from local LAN,Kindly clear my Doubt." - Yes,

With Flex-Connect local switching you'd map your SSIDs to your site vlans.If your vlan could get internet while MPLS is down it would work for you.Please note.For your remote sites, your SSIDs will be local switching regardless whether the MPLS is down or not.Here is the configuration guide and it'll give some further information

"Requirements: same SSID for both central and flex local switched WLAN" - Yes

"When ever MPLS is down,users can still connected to ER and ER-Internal." - Yes ,existing connections will be maintained.if you are required your remote site users to authenticate while the MPLS is down then you need to configure that as an additional step

***Please rate all the useful posts***
-Prabath

siddhukaturi1
Level 1
Level 1
In response to Prabath Godevithanage

‎06-07-2016 05:05 AM

Hi Prabath,

Thanks for your response again

"if you are required your remote site users to authenticate while the MPLS is down then you need to configure that as an additional step"--Yes this is my exact question,what if MPLS is down (HQ/Remote sites),remote users to access the internet with same SSID's what is that additional step.Kindly explain me.

0 Helpful

Prabath Godevithanage
Level 4
Level 4
In response to siddhukaturi1

‎06-07-2016 05:37 AM

you have to enable and configure local authentication in that case.if you are using 802.1x authentication on your WLANs you have to have a local radius server at each site to authenticate new users.you don't need that for PSK WLANs

here I am directing you to the flex connect -  local authentication, local switching section for further read.There are some configuration examples there too.simply you'll be configuring it in the flex connect group section.you'd find options to enable and configure it 

***Please rate all the useful posts***
-Prabath
0 Helpful

siddhukaturi1
Level 1
Level 1
In response to Prabath Godevithanage

‎06-07-2016 04:53 AM

Hi Prabath,

Kindly look into the below attachments, WLC is located in HQ,we need to place the remote access points over all India. In HQ We have 3 SSID's ,ER,ER-Internal,ER-External.

For ER and ER-internal I changed the mode Flex connect and Mapped the Vlan ID's in Flexconnect Tab.As tested I successfully got the result that is one who connected to ER and ER-Internal access the local intranet and people connected to ER-External can access the internet from HQ.

Now my doubt is what if MPLS is down,should remote users still access the ER and ER-Internal 

Kindly help me on this

Thanks in advance

Preview file
36 KB
Preview file
36 KB
Preview file
27 KB
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card