Buy or Renew
Buy or Renew
Cisco Virtual Engineer generative AI bot now active in Wireless Discussion Forum. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1607
Views
0
Helpful
9
Replies

WLAN Sharing Detail

Go to solution
Muhammad Amin Zia
Level 1
Level 1

‎02-21-2019 11:28 PM - edited ‎07-05-2021 09:55 AM

Hello Experts -

I have a WLAN controller (2504) at Head office and have APs on the branch end. Users at branch office getting connected with the AP and getting IP address from Head office DHCP server. It is working fine because all of my internet is going via head office. Now I want to give local internet to the branch office and need to have a single SSID that should be broadcasted in headoffice and branch office. AP's needs to be connected with the Head office WLAN controller. My concern is if the User connected to the branch office via AP will get the IP address pool of the headoffice and Internet will remain routed via Head office.Now what I want is to get different IP Pool from head office via same AP that is connected to WLAN controller and on a single SSID which is broadcasted in Headoffice and branch office but branch office should get different IP pool via DHCP and head office get different IP Pool. Please let me know if you guys have any query in the above said statement. Looking forward for the helpful comments.

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
patoberli
VIP Alumni
VIP Alumni
In response to Muhammad Amin Zia

‎03-12-2019 05:52 AM

You can do that with AP Groups. You can define a different virtual-interface (lan) per AP Group. Not sure if you require FlexConnect for this, but with that it should also be possible. That would be SSID with Local Switching.
Some infos: https://community.cisco.com/t5/wireless-mobility-documents/wireless-lan-flexconnect-configuration-example/ta-p/3112924
https://community.cisco.com/t5/wireless-and-mobility/flexconnect-branch-configuration-on-wlc/td-p/2641733

View solution in original post

0 Helpful
9 Replies 9

Go to solution
marce1000
VIP
VIP

‎02-22-2019 12:23 AM

 

 - You can easily assign a specific subnet (address-range) to the branch office and or within the central DHCP server. Further routing and or Firewalling setups on your Intranet infrastructure can make sure that this subnet will then use the 'local-path' for Internet access. (the 'global SSID' remains the same)

M.



-- ' 'Good body every evening' ' this sentence was once spotted on a logo at the entrance of a Weight Watchers Club !
0 Helpful

Go to solution
Muhammad Amin Zia
Level 1
Level 1
In response to marce1000

‎02-22-2019 01:34 AM

Thank you for your reply. How can branch DHCP request will be recognized that it should assign to another subnet (another then Head office subnet) because each SSID will use the interface on WLAN controller and that interface use a specific Head office IP subnet. If Branch office request for DHCP via this SSID it will be assigned the Headoffice IP subnet. I think you are aware that WLC creates a tunnel with its associated AP's to provide a similar IP to other regions.

0 Helpful

Go to solution
Haydn Andrews
VIP Alumni
VIP Alumni

‎02-24-2019 01:37 PM

Two Options I can see:

You could look at making the branch office APs Flexconnect.

Enabling local switching on the WLAN for the Branch office APs to drop off locally and get their IP from a DHCP server attached to that office.

Flexconnect deployment guide:

https://www.cisco.com/c/en/us/td/docs/wireless/controller/8-5/Enterprise-Mobility-8-5-Design-Guide/Enterprise_Mobility_8-5_Deployment_Guide/ch7_HREA.html

 

When you configure an SSID for local switching, it is only applicable if AP in Flexconnnect mode. So as long as your HQ APs are in Local mode then all those users traffic will be central switch for the given SSID. At branch those AP are in Flex mode, they will locally switched.

 

The other option would be:

If your using 802.1x authentication for the WLAN you could also look at using AAA override to place them into a different interface/ VLAN on the head office controller.

 

Now I take it the reason you have added a local internet break out is so you can reduce the amount of traffic over the WAN. Due to this using Flexconnect would be the best option, other wise if still using local mode the traffic path would be AP to WLC via WAN, then back to branch office via WAN to route out the local internet link. This would also require routing on the head office to send that traffic to the branch internet link.

*****Help out other by using the rating system and marking answered questions as "Answered"*****
*** Please rate helpful posts ***
0 Helpful

Go to solution
Muhammad Amin Zia
Level 1
Level 1
In response to Haydn Andrews

‎02-25-2019 11:45 PM

Thanks thats great. Yes I am using 802.1x at branch offices. can you share any deployment guide for the method 2?

0 Helpful

Go to solution
Muhammad Amin Zia
Level 1
Level 1
In response to Haydn Andrews

‎03-11-2019 03:50 AM

Hello Haydn,

I searched on your suggestion. I can use flexconnect in my remote offices but the SSID that has been broadcasting via branch and Headoffice AP's should be same. For Example (SSID: Cisco). I want that when branch office users get connected with the (SSID Cisco) they will get the IP from brach DHCP and when Headoffice users connect to the same (SSID Cisco) they will get the IP address from Headoffice DHCP. In this manner both Headoffice and branch have different IP pools and they will easily route to the internet separately. I appreciate your quick response.

0 Helpful

Go to solution
patoberli
VIP Alumni
VIP Alumni
In response to Muhammad Amin Zia

‎03-11-2019 05:28 AM

Make sure your DHCP lease expiration is lower than the time required to move from branch to main office! That way the client will get a new one when connecting again in your office.
There would also be the possibility for L3 roaming, but you should only do that if you have enough bandwidth between the sites.
0 Helpful

Go to solution
Muhammad Amin Zia
Level 1
Level 1
In response to patoberli

‎03-11-2019 10:12 PM

Sure I will maintain the DHCP release time for users roaming but I want that when branch office users get connected with the (SSID Cisco) they will get the IP from brach DHCP and when Headoffice users connect to the same (SSID Cisco) they will get the IP address from Headoffice DHCP. How can I achieve this by using single SSID on both ends (i.e. Headoffice and Branch). As far as I know when SSID is maintained by the controller then users will connect that SSID and get the IP address from SSID's interface/vlan DHCP pool.

0 Helpful

Go to solution
patoberli
VIP Alumni
VIP Alumni
In response to Muhammad Amin Zia

‎03-12-2019 05:52 AM

You can do that with AP Groups. You can define a different virtual-interface (lan) per AP Group. Not sure if you require FlexConnect for this, but with that it should also be possible. That would be SSID with Local Switching.
Some infos: https://community.cisco.com/t5/wireless-mobility-documents/wireless-lan-flexconnect-configuration-example/ta-p/3112924
https://community.cisco.com/t5/wireless-and-mobility/flexconnect-branch-configuration-on-wlc/td-p/2641733
0 Helpful

Go to solution
Muhammad Amin Zia
Level 1
Level 1
In response to patoberli

‎03-18-2019 03:37 AM

Thank you Patoberli. I appreciate it.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card