Download - brkagg-2010
-
7/29/2019 brkagg-2010
1/98
2009 Cisco Systems, Inc. All rights reserved. Cisco PublicPresentation_ID 1
Design and Deployment of EnterpriseWLANs
BRKAGG-2010
-
7/29/2019 brkagg-2010
2/98
2009 Cisco Systems, Inc. All rights reserved. Cisco PublicPresentation_ID 2
Design and Deployment of EnterpriseWLANs
BRKAGG-2010
-
7/29/2019 brkagg-2010
3/98
2008 Cisco Systems, Inc. All rights reserved. Cisco Publ ic 3BRKAGG-2010
Presentation_ID
What You Will Learn
Theory of operations of the Cisco Unified WLAN Architecture
Lightweight access point protocol (LWAPP)
WLAN controllers (WLC)
Mobility
QoSand Multicast
Design and deployment guidelines for the Cisco Unified WLANArchitecture
Campus
Branch office
-
7/29/2019 brkagg-2010
4/98
2008 Cisco Systems, Inc. All rights reserved. Cisco Publ ic 4BRKAGG-2010
Presentation_ID
What You Should Already Know
Cisco networking basics (routing and switching)
Campus network design concepts
802.11 WLAN fundamentals
RF basics
WLAN security
-
7/29/2019 brkagg-2010
5/98
2008 Cisco Systems, Inc. All rights reserved. Cisco Publ ic 5BRKAGG-2010
Presentation_ID
What We Wont Cover
Autonomous access pointsand WLSE
WLAN security in depth
RF security (rogue APdetection, W-IDS)
Wireless control system(WCS)
Location-based services
Outdoor (bridging andmesh)
Marketing pitch
Roadmap
LWAPP Basics (touch)
-
7/29/2019 brkagg-2010
6/98
2008 Cisco Systems, Inc. All rights reserved. Cisco Publ ic 6BRKAGG-2010
Presentation_ID
Session Agenda
Understanding the Cisco Unified Wireless Architecture
Lightweight Access Point Protocol
Understanding Mobility
Understanding Qos and Multicast Deploying the Cisco Unified Wireless Architecture
Connecting Controllers and APs to Networks
Campus WLAN Controller Designs
Branch Office WLAN Controller Designs
Migration from Autonomous APs to the Controller-basedArchitecture
-
7/29/2019 brkagg-2010
7/98 2008 Cisco Systems, Inc. All rights reserved. Cisco Publ ic 7
BRKAGG-2010
Presentation_ID
Ciscos Evolving Wireless Technology
Unified Wired+Wireless
Integrated and Unified Security (AAA, NAC, SDN,IDS/IPS, etc)
Exploding Number of Wi-Fi Clients (Laptops, Dual-Mode PCS Phones, Video PDAs)
Higher-Capacity, Higher-Density WLANs (PicoCells)
Unified Wired+Wireless Support for Applications(Voice/Video, Location Services, AAA)
Extending Networking Outdoors (Mesh, Outdoor AP,Etc.)
Enterprise Scale and Reliability
Centralized Management and Control
Layer 2/3 Mobility
Wireless IDS/IPS
Hierarchical Approach for Scalability
Voice Support
Centralized
WLAN Systems
Best in Class Range/ Throughput
Enterprise-Class Security
Capital Efficiency
Wireless Connectivity
2000 - Present 2003 - Present 2005 - Future
-
7/29/2019 brkagg-2010
8/98 2008 Cisco Systems, Inc. All rights reserved. Cisco Publ ic 8
BRKAGG-2010
Presentation_ID
Wireless LAN Mobility Services
Security Guest Voice Location
Guest networksfor customers, partnersand auditors
Vendor replenishmentnetworks
Public access networks
Automatic, 24 x 7security and compliancemonitoring for breachesvia wireless medium
Network access controlbased on user location
Asset managementLocation-based content
distribution
Streamlined workflowusing historical locationdata
Real-time mobile voicecommunications
Improved collaborationvia mobile unifiedcommunications
Faster customer serviceresponse
Pervasive Wireless Network
-
7/29/2019 brkagg-2010
9/98 2008 Cisco Systems, Inc. All rights reserved. Cisco Publ ic 9
BRKAGG-2010
Presentation_ID
LWAPP Overview
-
7/29/2019 brkagg-2010
10/98 2008 Cisco Systems, Inc. All rights reserved. Cisco Publ ic 10
BRKAGG-2010
Presentation_ID
Section Agenda
Quick Facts
LWAPP Join
Wireless LAN Controller Basics
Centralized vs Local Switching
Mobility
Location
WCS Fundamentals
Data Delivery
Unicast/Multicast
TCP/UDP
However beautiful the strategy, you should occasionally
look at the results. Winston Churchill
-
7/29/2019 brkagg-2010
11/98 2008 Cisco Systems, Inc. All rights reserved. Cisco Publ ic 11BRKAGG-2010
Presentation_ID
Quick Facts
WCS
Windows 2003/Linux
3000 Access-Points
40,000 Events
WCS Navigator
20 WCS Managers
30,000 Access-Points
Network Wide SearchCapability
WLC
IPv4/IPv6
Multicast/QoS
More 5000 Clients
512VLAN Support
Beyond 150 Access-Points
24 WLCs per Mobility Group
72 WLCs with Mobility Lists
500 Rogues
Radio Resource Management
PER WLAN DTIM Support
Location
RSSI and TDOA Methods
10,000 devices
Open API
Multi-Vendor RFID support
-
7/29/2019 brkagg-2010
12/98 2008 Cisco Systems, Inc. All rights reserved. Cisco Publ ic 12BRKAGG-2010
Presentation_ID
Section Agenda
Controller-based Architecture Overview
Lightweight Access Point Protocol (LWAPP)
Protocol Overview
LWAPP AP Discovery and Join ProcessLWAPP Operations
Mobility in the Cisco Unified WLAN Architecture
Qos implementation in LWAPP
Multicast behavior in LWAPP
Architecture Building Blocks
-
7/29/2019 brkagg-2010
13/98 2008 Cisco Systems, Inc. All rights reserved. Cisco Publ ic 13BRKAGG-2010
Presentation_ID
The LWAPP JoinState Machine (Simplified)
LWAPP defines a state machine thatgoverns the AP and controllerbehavior
Major states:
DiscoveryAP looks for a controller
JoinAP attempts to establish a securedrelationship with a controller
Image DataAP downloads code from
controllerConfigAP receives configuration from
controller
RunAP and controller operate normally andservice data
ResetAP clears state and starts over
Note: LWAPP/CAPWAP RFCdefines other states
-
7/29/2019 brkagg-2010
14/98 2008 Cisco Systems, Inc. All rights reserved. Cisco Publ ic 14BRKAGG-2010
Presentation_ID
Central Switching VS Local Switching
Hybrid REAP
Devices that requirelocal connectivity
Hybrid REAP
Normal LWAPP/CAPWAPData Flow
Central switching of all othertraffic
Data VLAN
Voice VLAN
Management VLAN
Local VLAN
LWAPPTunnel
Centrally SwitchedLocally Switched
-
7/29/2019 brkagg-2010
15/98 2008 Cisco Systems, Inc. All rights reserved. Cisco Publ ic 15BRKAGG-2010
Presentation_ID
Section Agenda
Controller-based Architecture Overview
Lightweight Access Point Protocol (LWAPP)
Protocol Overview
LWAPP AP Discovery and Join ProcessLWAPP Operations
Mobility in the Cisco Unified WLAN Architecture
QoSimplementation in LWAPP
Multicast behavior in LWAPP
Architecture Building Blocks
-
7/29/2019 brkagg-2010
16/98 2008 Cisco Systems, Inc. All rights reserved. Cisco Publ ic 16BRKAGG-2010
Presentation_ID
Mobility Defined
Mobility is the killer app for WLANs
Mobilityend-user device is portable but still capable ofbeing connected to networked resources
Roaming occurs when a wireless client movesassociation from one AP and re-associates to another
Mobility/roaming presents new challenges:
Architecture must scale to support client roaming
Client roaming must be fast and preserve security, QoS, etc.
-
7/29/2019 brkagg-2010
17/98 2008 Cisco Systems, Inc. All rights reserved. Cisco Publ ic 17BRKAGG-2010
Presentation_ID
How Clients Connect
AP handles real-time 802.11control and management
Non-real time 802.11 handledat controllerincludingassociation/re-association
Controller is the 802.1xauthenticator
Controller centrally storesclient QoS, security context
802.11 data frames are
encrypted/decrypted at the RFinterface
Action frames aremanagement frames asdefined by 802.11
LWAPP Tunnel
Ingress/Egress pointfrom/to upstreamswitched/routed wirednetwork (802.1Q trunk)
Switched/Routed Wired Network
LightweightAccess Point
Wireless LANController
Control Messages
Data Encapsulation
-
7/29/2019 brkagg-2010
18/98 2008 Cisco Systems, Inc. All rights reserved. Cisco Publ ic 18BRKAGG-2010
Presentation_ID
Scaling the Architecture withMobility Groups
Controllers peer tosupport seamlesscampus roaming
APs learn the IPs ofthe other members ofthe mobility group after
the LWAPP Joinprocess
Support for up to 24controllers, 3600 APsper mobility group
Mobility messages
exchanged betweencontrollers
Data tunneled betweencontrollers in EtherIP(RFC 3378)
-
7/29/2019 brkagg-2010
19/98 2008 Cisco Systems, Inc. All rights reserved. Cisco Publ ic 19
BRKAGG-2010
Presentation_ID
Scaling the Architecturewith Mobility List Members
Mobility Lists allowscontrollers to peer withControllers outsidetheir mobility Group tosupport seamlessroaming acrosscontroller Mobilityboundaries
Support for up to 72controllers, 10,800 APsacross mobility Lists
Multicast messagesare exchangedbetween Mobility
Groups
-
7/29/2019 brkagg-2010
20/98 2008 Cisco Systems, Inc. All rights reserved. Cisco Publ ic 20
BRKAGG-2010
Presentation_ID
Intra-Controller Roaming
Intra-controller roamhappens when an APmoves associationbetween APs joined tothe same controller
Client must be re-authenticated and newsecurity sessionestablished
Controller updates clientdatabase entry with new
AP and appropriatesecurity context
No IP address refreshneeded
-
7/29/2019 brkagg-2010
21/98 2008 Cisco Systems, Inc. All rights reserved. Cisco Publ ic 21
BRKAGG-2010
Presentation_ID
Layer-2 RoamingInter-Controller
L2 inter-controller roam happens when an APmoves association between APs joined to thedifferent controllers but client traffic bridgedonto the same subnet
Client must be re-authenticated andnew security session established
Client database entry moved to newcontroller
No IP address refresh needed
-
7/29/2019 brkagg-2010
22/98 2008 Cisco Systems, Inc. All rights reserved. Cisco Publ ic 22
BRKAGG-2010
Presentation_ID
Layer-3 RoamingInter-Controller
L3 inter-controller roam happens when an APmoves association between APs joined to thedifferent controllers but client traffic bridgedonto different subnet
Client must be re-authenticated and newsecurity session established
Client database entry copied to newcontroller
Original controller tagged as the anchor New controller tagged as the foreign No IP address refresh needed Asymmetric traffic path established
-
7/29/2019 brkagg-2010
23/98 2008 Cisco Systems, Inc. All rights reserved. Cisco Publ ic 23
BRKAGG-2010
Presentation_ID
Foreign controllers will send Layer 3roaming clients packet back to itsanchor controller through EtherIPtunneling
Source IP address of the packet willbe the foreign controllers
management IP address
Upstream routers that haveReverse Path Forwarding (RPF) willforward on packets
Configurable option in software
release 4.1
Layer-3 RoamingSymmetric Mobility (4.1)
-
7/29/2019 brkagg-2010
24/98 2008 Cisco Systems, Inc. All rights reserved. Cisco Publ ic 24
BRKAGG-2010
Presentation_ID
Roaming Requirements
Roaming must be fast Latency can be introduced by:
Client channel scanning and AP selection algorithms
Re-authentication of client device and re-keying
Refreshing of IP address
Roaming must maintain security
Open auth, static WEP Session continues on new AP
WPA/WPAv2 personal New session key for encryption
derived via standard handshakes802.1x, 802.11i, WPA/WPAv2 enterprise Client must be re-authenticated and new session key derived for encryption
-
7/29/2019 brkagg-2010
25/98
2008 Cisco Systems, Inc. All rights reserved. Cisco Publ ic 25BRKAGG-2010
Presentation_ID
Fast Secure Roaming
Client channel scanning and AP selection algorithmsImproved via CCX features
Refreshing of IP addressIrrelevant in controller-based architecture!
Re-authentication of client device and re-keying
Cisco centralized key management (CCKM)
Proactive key caching (PKC)
-
7/29/2019 brkagg-2010
26/98
2008 Cisco Systems, Inc. All rights reserved. Cisco Publ ic 26BRKAGG-2010
Presentation_ID
Supporting RoamingDesign BestPractices and Caveats
Minimize inter-controller roaming in your designs
Design the network for 10msec RTT latencybetween controllers
Inter-controller layer-2 roaming is more efficient thanlayer-3 roaming
Layer-3 roamingconsider the effects of things likeRPF and stateful security features in your designs
Use PKC and/or CCKM to speed up and secureroaming
Client roaming behaviormileage varies by vendor,driver, supplicant. Look for CCXv4 feature-set
-
7/29/2019 brkagg-2010
27/98
2008 Cisco Systems, Inc. All rights reserved. Cisco Publ ic 27BRKAGG-2010
Presentation_ID
Section Agenda
Controller-based Architecture Overview
Lightweight Access Point Protocol (LWAPP)
Protocol Overview
LWAPP AP Discovery and Join ProcessLWAPP Operations
Mobility in the Cisco Unified WLAN Architecture
Qos implementation in LWAPP
Multicast behavior in LWAPP
Architecture Building Blocks
-
7/29/2019 brkagg-2010
28/98
2008 Cisco Systems, Inc. All rights reserved. Cisco Publ ic 28BRKAGG-2010
Presentation_ID
QoS Overview
Ensures packets receive the proper QoS handling end-to-end
Makes sure packet will maintain QoS information as it traversesnetwork
Policing of 802.11e UP / 802.1p and IP DSCP values ensures end-
points conform to network QoS policies Uses Ciscos AVVID packet marking mappings and IEEE
mappings as appropriate
Supported on Cisco 2000, 4100, and 4400 series WLANcontrollers; wireless services module (WiSM); wireless LAN
controller module
Supported on Cisco Aironet 1000, 1130, 1200, 1230, 1240, and1500 series lightweight access points
Support for Cisco 7920/7921,Spectalink phones
-
7/29/2019 brkagg-2010
29/98
2008 Cisco Systems, Inc. All rights reserved. Cisco Publ ic 29BRKAGG-2010
Presentation_ID
QoS Description
Support for layer 3 IP differentiated services code point (DSCP)marking of packets
WLAN data is tunneled between AP and WLAN controller viaLWAPP
To maintain the original QoS classification across this tunnel, theQoS settings of the encapsulated data packet must beappropriately mapped to the Layer 2 (802.1p) and Layer 3 (IPDSCP) fields of the outer tunnel packet.
802.1p UP
Outer
IP DSCP
OuterLWAPP
encapsulatedIncoming 802.1p UP IP DSCP
Inner.
-
7/29/2019 brkagg-2010
30/98
2008 Cisco Systems, Inc. All rights reserved. Cisco Publ ic 30BRKAGG-2010
Presentation_ID
LWAPP QoS
Ensures that packets receive the proper QoS handling from end to end
Policing of 802.11e UP / 802.1p and IP DSCP values ensures thatwireless endpoints conform to network QoS policies
LWAPP Encapsulated
LWAPP TunnelsSiSiSiSiSiSi
WLC
AP
Ethernet Switch
802.11e DSCP Payload DSCP PayloadDSCP 802.1p DSCP Payload
LWAPP Encapsulated
802.11e DSCP Payload DSCP PayloadDSCP802.1p DSCP Payload
802.1p
12
3 4
-
7/29/2019 brkagg-2010
31/98
2008 Cisco Systems, Inc. All rights reserved. Cisco Publ ic 31BRKAGG-2010
Presentation_ID
Quality of Service (QoS)Configurable Profiles
Per-user data bandwidth contract configurable peak and average datarate enforced in the Network Processing Unit (NPU) for non-UDP traffic
Per-user real-time bandwidth contract configurable peak and averagedata rate enforced in the NPU for UDP traffic
Each Level Has a Configurable per Bandwidth Contract
Rate
-
7/29/2019 brkagg-2010
32/98
2008 Cisco Systems, Inc. All rights reserved. Cisco Publ ic 32BRKAGG-2010
Presentation_ID
Quality of Service (QoS)Configurable Profiles (Cont.)
Maximum RF usage per AP (%) defined maximum percentage of airbandwidth given to a user level
Queue depth defined depth of queue for a particular user level that willcause packets in excess of the defined value to be dropped
Each Level Has a Configurable Air QoS Rates
-
7/29/2019 brkagg-2010
33/98
2008 Cisco Systems, Inc. All rights reserved. Cisco Publ ic 33BRKAGG-2010
Presentation_ID
Controller > QoS Profiles > Edit
802.1p tag is applied to wired side to allow proper precedence tobe applied to traffic across entire network infrastructure
Controller > QoS Profiles > Edit
-
7/29/2019 brkagg-2010
34/98
2008 Cisco Systems, Inc. All rights reserved. Cisco Publ ic 34BRKAGG-2010
Presentation_ID
WLANs > Edit
WMM Options
QoS Options
-
7/29/2019 brkagg-2010
35/98
2008 Cisco Systems, Inc. All rights reserved. Cisco Publ ic 35BRKAGG-2010
Presentation_ID
Configuring Controller Web
For 7921 phone support, both AP-CAC-Limit and client CAC-Limitavailable as options
WMM and client CAC limit cannot be configured in the same WLAN
-
7/29/2019 brkagg-2010
36/98
2008 Cisco Systems, Inc. All rights reserved. Cisco Publ ic 36BRKAGG-2010
Presentation_ID
VoIP Phone SupportConfiguration Commands Available from the Command
Line
To view Dot11-Phone Mode configuration
(Cisco Controller) >show wlan 2
WLAN Identifier.................................. 2Network Name (SSID).............................. WLAN2Status........................................... Enabled
.
.
.Quality of Service............................... Platinum (voice)WMM.............................................. Required802.11e.......................................... DisabledDot11-Phone Mode (7920).......................... ap-cac-limit
Wired Protocol................................... NoneIPv6 Support..................................... DisabledRadio Policy..................................... 802.11B and 802.1G onlySecurity
802.11 Authentication:........................ Open SystemStatic WEP Keys............................... enabled
Key Index:...................................... 1Encryption:..................................... 104-bit WEP
-
7/29/2019 brkagg-2010
37/98
2008 Cisco Systems, Inc. All rights reserved. Cisco Publ ic 37BRKAGG-2010
Presentation_ID
Section Agenda
Controller-based Architecture Overview
Lightweight Access Point Protocol (LWAPP)
Protocol Overview
LWAPP AP Discovery and Join ProcessLWAPP Operations
Mobility in the Cisco Unified WLAN Architecture
Qos implementation in LWAPP
Multicast behavior in LWAPP
Architecture Building Blocks
-
7/29/2019 brkagg-2010
38/98
2008 Cisco Systems, Inc. All rights reserved. Cisco Publ ic 38BRKAGG-2010
Presentation_ID
Multicast Delivery Method
Improved multicast performance over wireless networks
Multicast packet replication occurs only at points in the networkwhere it is required, saving wired network bandwidth
One Multicast Packet InLWAPP Tunnels
One Multicast Packet InLWAPP
Multicast Group
One LWAPP MulticastPacket Out
Three LWAPP UnicastPackets Out
Unicast Mechanism
Multicast Mechanism
Network Replicates
Packet as Needed
-
7/29/2019 brkagg-2010
39/98
2008 Cisco Systems, Inc. All rights reserved. Cisco Publ ic 39BRKAGG-2010
Presentation_ID
Multicast Mode Selection
Multicast mode and multicast group configured on WLC general interface
-
7/29/2019 brkagg-2010
40/98
2008 Cisco Systems, Inc. All rights reserved. Cisco Publ ic 40BRKAGG-2010
Presentation_ID
LWAPP Stationary Client
IGMP join
Client Sends an IGMP Join which travels through theaccess-point to the Wireless LAN Controller (WLC).The WLC then forwards the IGMP join through theupstream switch to the PIM enabled router
IGMP leave
With a client who gracefully leaves the multicast group.The client will send an IGMP leave through the access-
point to the WLC. The WLC will forward this IGMPleave through the upstream switch to the PIM enabledrouter. The PIM enabled router will then send a groupspecific query for other interested clients before pruninggroup from subnet.
IGMP
IGMP
Mcast Traffic
Stationary Client
Or a Client That Never Roams from the Same Wireless LAN Controller
-
7/29/2019 brkagg-2010
41/98
2008 Cisco Systems, Inc. All rights reserved. Cisco Publ ic 41BRKAGG-2010
Presentation_ID
LWAPP Stationary Client
Multicast source
If the client is the source of a multicast group, thetraffic will flood across all access-points on thesame controller. The multicast traffic will also beforwarded upstream through the connectedswitch to the PIM enabled Router. The PIMenabled router will do an RPF check beforeprocessing the packet further.
Mcast Traffic
Stationary Client
Or a Client That Never Roams from the Same Wireless LAN Controller
-
7/29/2019 brkagg-2010
42/98
2008 Cisco Systems, Inc. All rights reserved. Cisco Publ ic 42BRKAGG-2010
Presentation_ID
LWAPP Roaming ClientLayer 2
IGMP joinClient sends an IGMP Join which travels through theaccess-point to the wireless LAN controller (WLC). TheWLC then forwards the IGMP join through the upstreamswitch to the PIM enabled router
IGMP snooping
Switch CAM entry is created for specific multicast grouptoward controller 1
IGMP
Mcast Traffic
X
IGM
P
Snooping Switch is Blocking Multicast Traffic Toward All OtherPorts
General IGMP Query Sent From the WLC to the Client, AllowingTraffic to Flow
Multicast
-
7/29/2019 brkagg-2010
43/98
2008 Cisco Systems, Inc. All rights reserved. Cisco Publ ic 43BRKAGG-2010
Presentation_ID
LWAPP Layer 3 Roaming Client
IGMP join/leaveBoth the initial join and leave (if agraceful leave happens) will beprocessed the same as any other join orleave. Once a client has roamed, neitherthe infrastructure nor the client are
required to send a new join to verifytraffic follows?? No Audio
Multicast source
Client that is the Source of the multicastgroup the upstream router will drop thepacket as the source address wasreceived on the wrong interface.
Mcast Traffic
??
X
Client Roaming at Layer 3 with 4.0.217
-
7/29/2019 brkagg-2010
44/98
2008 Cisco Systems, Inc. All rights reserved. Cisco Publ ic 44BRKAGG-2010
Presentation_ID
Section Agenda
Controller-based Architecture Overview
Lightweight Access Point Protocol (LWAPP)
Protocol Overview
LWAPP AP Discovery and Join ProcessLWAPP Operations
Mobility in the Cisco Unified WLAN Architecture
Qos implementation in LWAPP
Multicast behavior in LWAPP
Architecture Building Blocks
-
7/29/2019 brkagg-2010
45/98
2008 Cisco Systems, Inc. All rights reserved. Cisco Publ ic 45BRKAGG-2010
Presentation_ID
Components of Centralized Architecture
WLC
Cisco Unified Wireless LAN controllers aggregrate WLAN client trafficand control the Wireless network
APs
Lightweight access points are used in all unified wireless architecturesand provides client wireless access, and tunneling to the WLC.
WCS
Cisco Wireless Control System provides centralized management, RFplanning and visualization tools, and location services
-
7/29/2019 brkagg-2010
46/98
2008 Cisco Systems, Inc. All rights reserved. Cisco Publ ic 46BRKAGG-2010
Presentation_ID
Cisco Compatible ExtensionsThe Standard for Client Advancement
http://www.cisco.com/go/ciscocompatible/wireless
Over 90% of Client Devices Cisco Compatible
Client Devices
Client Devices
Features Assured compatibility with 400+ devices Standards-based Enhanced security, mobility, and performance Supports Mobility Services i.e.. Location, voice
Benefits Accelerates innovation Supports diverse enterprise applications
Ensures multi-vendor interoperability Enables simplified deployment of mobile WLAN clients
Single Client for
http://www.sony.com/VAIOBXhttp://www1.us.dell.com/content/products/productdetails.aspx/inspn_8500?c=us&cs=555&l=en&s=biz -
7/29/2019 brkagg-2010
47/98
2008 Cisco Systems, Inc. All rights reserved. Cisco Publ ic 47BRKAGG-2010
Presentation_ID
Cisco Secure Services Client
Single Client forUniform Security and Services
Features
Unified wired and wireless client
Support for industry standards
Endpoint integrity
Single sign-on capable
Enabling of group policies
Administrative control
Benefits
Reduces client software
Simple, secure device connectivity
Minimizes chances of network compromisefrom infected devices
Reduces complexity
Restricts unauthorized network access
Centralized provisioningSSC
Key Features:802.1X authentication for wiredand wireless devices
Windows XP/2000 support
EAP:
EAP-FAST, EAP-MD5, PEAP-MSCHAP, PEAP-GTC, EAP-TLS, EAP-TTLS, Cisco LEAP
Encryption:
WEP, Dynamic WEP,TKIP, AES
Standards:
WPA and WPA2
-
7/29/2019 brkagg-2010
48/98
2008 Cisco Systems, Inc. All rights reserved. Cisco Publ ic 48BRKAGG-2010
Presentation_ID
Proven Platform for Mobile Access
Indoor Access Points
1130AG
Indoor Rugged Access Points
1500
1240AG 1230AG
Outdoor Access Points/Bridges
1400 1300
1121BG
Access Points
Features Industrys best range and throughput Enterprise class security Many configuration options Simultaneous air monitoring and traffic delivery Wide area networking for outdoor areas
Benefits Zero touch management No dedicated air monitors
Supports all deployment scenarios (indoor and outdoor) From secure coverage to advanced services
1250AGN
-
7/29/2019 brkagg-2010
49/98
2008 Cisco Systems, Inc. All rights reserved. Cisco Publ ic 49BRKAGG-2010
Presentation_ID
Wireless Integrated ServicesModule (WiSM)
Network Core
Delivering Network Unification
Wireless LAN Controller forISR Series Routers 2106 Wireless LAN
Controller
Branch Office
Hybrid Remote Edge Access Points (H-REAP)
Remote Office
Catalyst 3750GIntegrated WLAN Controller
Intelligent Access
4400 Wireless LANController
Distribution
Lower TCO
ScalabilityHigh
Availability
Ease ofDeployment
Investment
Protection
Cisco Unified
Wireless Network
Flexibility
-
7/29/2019 brkagg-2010
50/98
2008 Cisco Systems, Inc. All rights reserved. Cisco Publ ic 50BRKAGG-2010
Presentation_ID
Cisco Wireless Controller Family
Cisco WiSM300 APs
Deployment Size
>=100 APs>=25 APs>=2-6 APs
Cisco 21066 APs
ISR WLC Module6 AP
>=12 APs
H-REAP
>=50 APs
Cisco 375025 APs
Cisco 375050 APs
-
7/29/2019 brkagg-2010
51/98
2008 Cisco Systems, Inc. All rights reserved. Cisco Publ ic 51BRKAGG-2010
Presentation_ID
Cisco Wireless Control System (WCS)
World-Class Network Management
Features Client troubleshooting (via CCX) Planning, configuration, monitoring, location, IDS/IPS, and
troubleshooting
Hierarchical maps Intuitive GUI and templates Policy based networking (QoS, security, RRM, etc.)
Benefits Lower OPEX and CAPEX Better visibility and control of the air space
Consolidate functionality into a single management system Determines location and voice readiness
-
7/29/2019 brkagg-2010
52/98
2008 Cisco Systems, Inc. All rights reserved. Cisco Publ ic 52BRKAGG-2010
Presentation_ID
802.11n yet again higher rates
Extends both 802.11a and 802.11g
Both 2.4 GHz and 5.8 GHz
64 new bit rates up to 600 Mbps
Entirely new radio using MIMO technology
Current radios use a single Tx and Rx, implement Rx diversity
11n uses multiple Tx and Rx, simultaneously, combining multiple receivedsignals to improve quality
In working group balloting, sponsor ballot mid 2008, approval mid 2009*
Draft-11n certification launched by WiFi Alliance (WFA) in June of 2008
Cisco is in the WFA Draft-11n test bed
*ALWAYS subject to change
-
7/29/2019 brkagg-2010
53/98
2008 Cisco Systems, Inc. All rights reserved. Cisco Publ ic 53BRKAGG-2010
Presentation_ID
Network Design Overview
-
7/29/2019 brkagg-2010
54/98
2008 Cisco Systems, Inc. All rights reserved. Cisco Publ ic 54BRKAGG-2010
Presentation_ID
Section Agenda
Connecting Controllers and APs to Networks
Controller Redundancy and AP Load Balancing
Campus WLAN Controller Designs
Branch Office WLAN Controller Designs
Migrating from Autonomous APs to the Controller-based Architecture
Understanding WLAN ControllersThe
-
7/29/2019 brkagg-2010
55/98
2008 Cisco Systems, Inc. All rights reserved. Cisco Publ ic 55BRKAGG-2010
Presentation_ID
Understanding WLAN ControllersTheWLAN Controller as a Network Device
WLAN controller
For wireless end-user devices, the controller is a 802.1Q bridge that takes traffic of the air andputs it on a VLAN
From the perspective of the AP, the controller is an LWAPP tunnel end-point with an IP address
From the perspective of the network, its a layer-2 device connected via one or more 802.1Qtrunk interfaces
The AP connects to an access portno concept of VLANsatthe AP necessary.
Data VLAN
Voice VLAN
Management VLANLWAPPTunnel
Understanding WLAN ControllersThe
-
7/29/2019 brkagg-2010
56/98
2008 Cisco Systems, Inc. All rights reserved. Cisco Publ ic 56BRKAGG-2010
Presentation_ID
Understanding WLAN ControllersTheWLAN Controller as a Network Device
PortPhysical connection to a neighbor switch/router
InterfaceLogical connection mapping to a VLAN onthe neighbor switch/router
Management interface
AP Manager interface(s)
Dynamic interface(s)
Virtual interface
Service interface
WLANEntity that maps an SSID to an interface at thecontroller, along with security, QoS, radio policies, andother wireless networking parameters
Three Important Concepts to Understand:
-
7/29/2019 brkagg-2010
57/98
2008 Cisco Systems, Inc. All rights reserved. Cisco Publ ic 57BRKAGG-2010
Presentation_ID
Welcome to the Cisco Wizard Configuration Tool
Use the '-' character to backup
System Name [Cisco_44:36:c3]:Enter Administrative User Name (24 characters max): adminEnter Administrative Password (24 characters max): admin
Service Interface IP Address Configuration [none][DHCP]:
Enable Link Aggregation (LAG) [yes][NO]:noEnter Port number : 1
Management Interface IP Address: 10.10.80.3Management Interface Netmask: 255.255.255.0Management Interface Default Router: 10.10.80.1
Management Interface VLAN Identifier (0 = untagged): 0Management Interface Port Num [1 to 2]: 1Management Interface DHCP Server IP Address: 10.10.80.1
AP Transport Mode [layer2][LAYER3]: layer3AP Manager Interface IP Address: 10.10.80.4AP-Manager is on Management subnet, using same values
AP Manager Interface DHCP Server (10.10.80.1):
Virtual Gateway IP Address: 1.1.1.1Mobility/RF Group Name: mobile-1Enable Symmetric Mobility Tunneling: No
Network Name (SSID): secure-1Allow Static IP Addresses [YES][no]:
Configure a RADIUS Server now? [YES][no]:
Enter the RADIUS Server's Address: 10.10.10.12Enter the RADIUS Server's Port [1812]:
Enter the RADIUS Server's Secret: ciscoEnter Country Code (enter 'help' for a list of countries) [US]:
Enable 802.11b Network [YES][no]:
Enable 802.11a Network [YES][no]:
Enable 802.11g Network [YES][no]:
Enable Auto-RF [YES][no]:
-
7/29/2019 brkagg-2010
58/98
2008 Cisco Systems, Inc. All rights reserved. Cisco Publ ic 58BRKAGG-2010
Presentation_ID
Initial Configuration Screen of WLC
Connecting the WLAN Controller
-
7/29/2019 brkagg-2010
59/98
2008 Cisco Systems, Inc. All rights reserved. Cisco Publ ic 59BRKAGG-2010
Presentation_ID
Connecting the WLAN Controllerto the Network
Options - Link aggregation (LAG) or no LAGLAG supported on 440x, WiSM, Cisco 3750G integrated WLANcontroller switch
LAG is the only option for WiSM, Cisco 3750G integrated WLANcontroller switch
440x-based controller allows 48 APs per port in the absenceof LAG
Use multiple AP Manager interfaces to support more than48 APs on the WLC without LAGLWAPP algorithm will
load balance APs across the AP managers
LAG allows use of 1 AP Manager interface by load-balancing traffic across an EtherChannel interface
-
7/29/2019 brkagg-2010
60/98
2008 Cisco Systems, Inc. All rights reserved. Cisco Publ ic 60BRKAGG-2010
Presentation_ID
Multiple AP Manager Interfaces
Link Aggregation
-
7/29/2019 brkagg-2010
61/98
2008 Cisco Systems, Inc. All rights reserved. Cisco Publ ic 61BRKAGG-2010
Presentation_ID
Link AggregationSingle AP Manager Interface
No EtherChannel modenegotiation (LACP, PAgP):
Set etherchannel mode on forneighboring switchports
Requires ip-src-dst loadbalancing for the switch
Etherchannel
Default on 6K
Default on 3750 is scr-mac
Packets are forwardedout the same port they
arrived on
1 LAG group per WLCis supported
-
7/29/2019 brkagg-2010
62/98
2008 Cisco Systems, Inc. All rights reserved. Cisco Publ ic 62BRKAGG-2010
Presentation_ID
Putting It All Together
-
7/29/2019 brkagg-2010
63/98
2008 Cisco Systems, Inc. All rights reserved. Cisco Publ ic 63BRKAGG-2010
Presentation_ID
Cisco WiSM Configuration
IOS version 12.2(18)SXF8 or above version which requires 512MB memory and 128 MB flash
The data ports (1Gbps*8 = 8Gbps) and service ports (1Gbps*2 =2Gbps) are connected at the back plane, no physical connectionsat the front
Service-port is used for OOB management and should be part of adifferent VLAN.
LAG is a must for Cisco WiSM, so make sure you create twoseparate port-channels
LED
-
7/29/2019 brkagg-2010
64/98
2008 Cisco Systems, Inc. All rights reserved. Cisco Publ ic 64BRKAGG-2010
Presentation_ID
Section Agenda
Connecting Controllers and APs to Networks
Controller Redundancy and AP Load Balancing
Design Considerations
Migration from Autonomous APs to the Controller-based Architecture
Controller Redundancy
-
7/29/2019 brkagg-2010
65/98
2008 Cisco Systems, Inc. All rights reserved. Cisco Publ ic 65BRKAGG-2010
Presentation_ID
Controller Redundancyand AP Load Balancing
LWAPP discovery response includes the controllers sysName,controller type, controller AP capacity, current AP load, MasterController status, AP manager IP address(es) and number of APs
joined to the AP manager
Recall: AP makes join decision based on this information in
LWAPP discovery response:1. If AP has been previously configured with a primary, secondary, and/or
tertiary controller, the AP will attempt to join these first (specified bycontroller sysName)
2. Attempt to join a WLAN controller configured as a Master controller
3. Attempt to join the WLAN controller with the greatest excess AP capacity,using least loaded AP manager
#1 and #3 allow for two approaches to controller redundancy andAP load balancingdynamic and deterministic
-
7/29/2019 brkagg-2010
66/98
2008 Cisco Systems, Inc. All rights reserved. Cisco Publ ic 66BRKAGG-2010
Presentation_ID
Dynamic Redundancy
Rely on LWAPP to load-balance APsacross controllers and populate APswith backup controllers
Results in dynamic salt-and-pepper design
Design works better when controllersare clustered in a centralized design
Pros:Easy to deploy and configure
less upfront work
APs dynamically load-balance(though never perfectly)
Cons:More inter-controller roaming
Bigger operational challenges due
to unpredictabilityLonger failover times
No Fallback option in the event ofcontroller failure
Ciscos general recommendationis:Only for Layer 2 Roaming
Use deterministic redundancy instead
of dynamic redundancy
-
7/29/2019 brkagg-2010
67/98
2008 Cisco Systems, Inc. All rights reserved. Cisco Publ ic 67BRKAGG-2010
Presentation_ID
Deterministic Redundancy
Administrator statically assigns APs a primary,secondary, and/or tertiary controller
Assigned from controller interface (per AP) or WCS(template-based)
ProPredictabilityEasier operational management
More network stability
More flexible and powerful redundancy design options
Faster failover timesFallback option in the case of failover
ConMore upfront planning and configuration
This is Ciscos recommended best practice!
-
7/29/2019 brkagg-2010
68/98
2008 Cisco Systems, Inc. All rights reserved. Cisco Publ ic 68BRKAGG-2010
Presentation_ID
Controller Redundancy DesignsN:1
-
7/29/2019 brkagg-2010
69/98
2008 Cisco Systems, Inc. All rights reserved. Cisco Publ ic 69BRKAGG-2010
Presentation_ID
Section Agenda
Connecting Controllers and APs to Networks
Controller Redundancy and AP Load Balancing
Design Considerations
Migration from Autonomous APs to the Controller-based Architecture
First Question!
-
7/29/2019 brkagg-2010
70/98
2008 Cisco Systems, Inc. All rights reserved. Cisco Publ ic 70BRKAGG-2010
Presentation_ID
QApplicationsWhat is the Network for?
Design for the needs of the applications
Look at the protocols used
Look at the minimum requirements of each
READ the Application Notes!
-
7/29/2019 brkagg-2010
71/98
-
7/29/2019 brkagg-2010
72/98
2008 Cisco Systems, Inc. All rights reserved. Cisco Publ ic 72BRKAGG-2010
Presentation_ID
Campus WLAN Controller Options
Standalone appliancecontroller
Routed network exists onanother platform
Dot1Q trunk to switched/routed
network
Integrated controller
Routed network can exist onthe same platform
Layer 2 connection is internal
Layer 2 or 3 connection tonetwork routed network
440x
Cisco 3750GIntegrated WLANController
WiSM
Integrated
Appliance
Where to Place a WLAN Controller?
-
7/29/2019 brkagg-2010
73/98
2008 Cisco Systems, Inc. All rights reserved. Cisco Publ ic 73BRKAGG-2010
Presentation_ID
Where to Place a WLAN Controller?Distributed Designs
WiSM(s) or 440x WLANcontroller(s) connected atdistribution layer
Controller redundancy
Key design considerations:
Spanning tree
HSRP/GLBP
Traffic flow
Load balancing
Resiliency
Access layer collapsed intodistribution layer
Access layer IP addressing
Access layer features need tobe implemented in thedistribution layer
Mobility!
Layer 2
VoiceDataVoice
Access Subnets
Clients
Data
AP AP
WLAN Client Subnets
-
7/29/2019 brkagg-2010
74/98
2008 Cisco Systems, Inc. All rights reserved. Cisco Publ ic 74BRKAGG-2010
Presentation_ID
Healthcare
Multicast is Number oneProtocol
Always UnderConstruction
Numerous Non-802.11
Radio devices
NEED for RF policyover an 802.11 Policy.
Intranet
IDF
First Floor
IDF
Third Floor
Building DFDistribution Layer
Core
Clinic orRemoteoffice
Depending upon sizeHREAP or Controller
Deployment
-
7/29/2019 brkagg-2010
75/98
2008 Cisco Systems, Inc. All rights reserved. Cisco Publ ic 75BRKAGG-2010
Presentation_ID
Retail
PCI COMPLIANCE!!
Carpeted and Warehouseenvironment
Use of small Handheldequipment
Internet
Large StoreSmall Store
HeadQuarters
HREAP for lessthan 3 Access
Points
SmallController withMore Access-
Points
-
7/29/2019 brkagg-2010
76/98
2008 Cisco Systems, Inc. All rights reserved. Cisco Publ ic 76BRKAGG-2010
Presentation_ID
Enterprise Requirements
Voice is the essentialApplication
Data for E-mail and othernon-latency sensitiveapplications
Video is on the rise.SiSi
Intranet/Internet
IDFFirst Floor
IDFFifth Floor
IDFThird Floor
Building DF
Distribution Layer
Core
-
7/29/2019 brkagg-2010
77/98
2008 Cisco Systems, Inc. All rights reserved. Cisco Publ ic 77BRKAGG-2010
Presentation_ID
Manufacturing
Multipath intensiveenvironment
Can benefit from both indoormesh and the standardcentral solution
HREAP could be used forsmall solutions
Internet
LargeManufacturing
Site
SmallManufacturing
Site
Headquarters
SmallController withMore Access-
Points
-
7/29/2019 brkagg-2010
78/98
2008 Cisco Systems, Inc. All rights reserved. Cisco Publ ic 78BRKAGG-2010
Presentation_ID
Distributed vs. Centralized Design
General recommendation is Centralized DesignUse integrated platform(s)WiSM for small/medium/large,Cisco 3750G Integrated WLAN Controller for small/medium
Choose the design that makes the most sense for you
Current network and policies
Future growth plans
Distributed designs may work well with existingnetworks
Branch Office Deployment
-
7/29/2019 brkagg-2010
79/98
2008 Cisco Systems, Inc. All rights reserved. Cisco Publ ic 79BRKAGG-2010
Presentation_ID
Hybrid REAP
Supported on 1130 and 1240 AP platforms Allows bridging/tagging of traffic locally (local switching) by WLAN
Allows simultaneous tunneling of traffic to WLC (central switching)by WLAN
Connected ModeLWAPP control centralized
Standalone Mode (WAN outage)
Locally switched WLANs stay up
Some lost functionality
100 msecs latency between APs and WLC
H-REAP APs should be connected to trunk portsallow only the relevant,locally switched VLANs
No optimization for:
Fast, secure roaming (CCKM, PKC)
Voice (no CAC or TSPEC support in standalone mode)
Design Considerations:
-
7/29/2019 brkagg-2010
80/98
2008 Cisco Systems, Inc. All rights reserved. Cisco Publ ic 80BRKAGG-2010
Presentation_ID
Sample HREAP Network
-
7/29/2019 brkagg-2010
81/98
2008 Cisco Systems, Inc. All rights reserved. Cisco Publ ic 81BRKAGG-2010
Presentation_ID
H-REAP WLAN Configuration
Configure the WLAN for H-REAP operation
-
7/29/2019 brkagg-2010
82/98
2008 Cisco Systems, Inc. All rights reserved. Cisco Publ ic 82BRKAGG-2010
Presentation_ID
H-REAP AP Configuration
Select a desired AP...
-
7/29/2019 brkagg-2010
83/98
2008 Cisco Systems, Inc. All rights reserved. Cisco Publ ic 83BRKAGG-2010
Presentation_ID
H-REAP AP Configuration (Cont.)
... and set it to H-REAP mode and enter VLAN info
Enable VLAN Support and Enter theNative VLAN Information
-
7/29/2019 brkagg-2010
84/98
-
7/29/2019 brkagg-2010
85/98
2008 Cisco Systems, Inc. All rights reserved. Cisco Publ ic 85BRKAGG-2010
Presentation_ID
Branch Office WLAN Controller Options
Appliance controllersCisco 2106Support 6 APs
Cisco 4402-12, 4402-24
Integrated controller
WLAN controller module(WLCM) for ISR
Cisco 3750 integratedWLAN controller (support for
25, 50 APs)
2106
440x
Cisco 3750 IntegratedWLAN Controller
Integrated
Appliance
WLCM in ISR
S i A d
-
7/29/2019 brkagg-2010
86/98
2008 Cisco Systems, Inc. All rights reserved. Cisco Publ ic 86BRKAGG-2010
Presentation_ID
Section Agenda
Connecting Controllers and APs to Networks
Controller Redundancy and AP Load Balancing
Design Considerations
Migration from Autonomous APs to the Controller-based Architecture
Upgrading Autonomous Access Pointst LWAPP M d
-
7/29/2019 brkagg-2010
87/98
2008 Cisco Systems, Inc. All rights reserved. Cisco Publ ic 87BRKAGG-2010
Presentation_ID
to LWAPP Mode
Basic AP upgrade process:Use Cisco-provided upgrade tool to load LWAPP Recovery IOSImage onto the AP(s)
AP joins a controller, downloads full LWAPP IOS image
LWAPP IOS upgrade is supported on the following
platforms:1120G series (802.11B/G)
1200 series, including 1210, 1230 (802.11B/G and/or 2nd generation802.11A radiosRM21A, RM22A)
1130AG
1240AG
BR1310 (only AP mode is supported in LWAPP)
Only layer-3 LWAPP mode is supported
Roll-back to autonomous-mode is supported
LWAPP U d R i t
-
7/29/2019 brkagg-2010
88/98
2008 Cisco Systems, Inc. All rights reserved. Cisco Publ ic 88BRKAGG-2010
Presentation_ID
LWAPP Upgrade Requirements
Ensure the APs hardware is supported The AP is running IOS release 12.3(7)JA, or later
The controller is running 3.1, or later and telnet is enabled
Each APs information is input into a text file in the followingformat:
ap-ip-address,telnet-username,telnet-user-password,enable-password
ap-ip-address,telnet-username,telnet-user-password,enable-password
(WLC_CLI) >config network telnet enable
In the WLC GUI, Go to: Management |Telnet-SSH and Enable Telnet.
or
U i th LWAPP U d T l
-
7/29/2019 brkagg-2010
89/98
2008 Cisco Systems, Inc. All rights reserved. Cisco Publ ic 89BRKAGG-2010
Presentation_ID
Using the LWAPP Upgrade Tool
AP upgrade tool
Point the Upgrade Tool to the AP csvtext file
Make sure the time is correctly set
1 5 APs may be upgraded simultaneously. Theircompletion status bars are shown here.
AP upgrade process status
Telnet must be enabled on a WLC
APs with static IP addresses will rely on DNS to find WLCsacross router hops
Ensure the latest IOS LWAPP (JX) image is availablevia TFTP
Click for AP MAC and SSC output
Upgrading Autonomous Access Points toLWAPP M d S lf i d C tifi t
-
7/29/2019 brkagg-2010
90/98
2008 Cisco Systems, Inc. All rights reserved. Cisco Publ ic 90BRKAGG-2010
Presentation_ID
LWAPP ModeSelf-signed Certificates
LWAPP join process assumes X.509 certificates and factoryinstalled public/private keys
All Cisco APs manufactured after July 18, 2005 have Manufacturing InstalledCertificates (MIC)
Cisco Aironet APs manufactured prior to July 18, 2005 do not have factoryinstalled public/private keys and certificates
Upgrade tool issues commands to AP to have it generate an RSAkey pair and a self-signed certificate (SSC) and installs the rootCAs so that the AP can authenticate controllers
SSCs must be individually authorized on each controller
Upgrade tool extracts the public key and can install it on 1controller. It also stores an AP MAC, public key tuple in a CSV filethat can be imported into WCS and other controllers
http://www.cisco.com/en/US/partner/products/hw/wireless/ps430/prod_technical_reference09186a00804fc3dc.html
Upgrading Autonomous Access Pointst LWAPP M d B t P ti
http://www.cisco.com/en/US/partner/products/hw/wireless/ps430/prod_technical_reference09186a00804fc3dc.htmlhttp://www.cisco.com/en/US/partner/products/hw/wireless/ps430/prod_technical_reference09186a00804fc3dc.htmlhttp://www.cisco.com/en/US/partner/products/hw/wireless/ps430/prod_technical_reference09186a00804fc3dc.htmlhttp://www.cisco.com/en/US/partner/products/hw/wireless/ps430/prod_technical_reference09186a00804fc3dc.html -
7/29/2019 brkagg-2010
91/98
2008 Cisco Systems, Inc. All rights reserved. Cisco Publ ic 91BRKAGG-2010
Presentation_ID
to LWAPP ModeBest Practices
Basic upgrade strategy:Deploy, validate controllers and WCS
Plan an LWAPP discovery strategy so APs can discovercontrollers
Test the process in a lab or on low-traffic, easy-to-troubleshootAPs to validate the procedure
Do the migration during a change window and allow time fortroubleshooting
Save the CSV file(s) with the MAC/Public Key mappings even if
you import them to WCS Migrate APs in logical blocks rather then en masse
Take caveats to co-existence into consideration
Evaluate tolerance for downtime
Upgrading Autonomous Access Points to LWAPP
-
7/29/2019 brkagg-2010
92/98
2008 Cisco Systems, Inc. All rights reserved. Cisco Publ ic 92BRKAGG-2010
Presentation_ID
ModePlanning the LWAPP Discovery Strategy
Options for discovery when upgrading autonomous access pointsto LWAPP:
Local subnet broadcast of LWAPP discovery request
Vendor-specific DHCP option 43
DNS resolution of CISCO-LWAPP-CONTROLLER.localdomain
Console port priming commands (valid only with LWAPP recovery IOS image)
OTAP is not supported in the LWAPP recovery IOS image
Most autonomous Cisco Aironet APs are deployed with static IPaddresses
AP preserves static IP address, default gateway, sysName, DNS server,domain name during the upgrade process
Many Cisco customers have chosen to erase the APconfigurations before upgrading and migrate to DHCP addressesinstead of static IP addresses
Upgrading Autonomous Access Points toLWAPP M d WLSM d WiSM C E i t
-
7/29/2019 brkagg-2010
93/98
2008 Cisco Systems, Inc. All rights reserved. Cisco Publ ic 93BRKAGG-2010
Presentation_ID
LWAPP ModeWLSM and WiSM Co-Existence
WLSM and WiSM can co-exist in the same 650x chassis
Minimum software requirements: (NOT RECOMMENDED)
Supervisor 720: 12.2(18)SXF2
WLSM: Version 1.4.1
WiSM: 3.2.116.x
http://www.cisco.com/en/US/partner/products/hw/modules/ps2706/products_configuration_example
09186a008073614c.shtml
Coexistence Between Autonomous AccessP i t d C t ll B d A hit t
http://www.cisco.com/en/US/partner/products/hw/modules/ps2706/products_configuration_example09186a008073614c.shtmlhttp://www.cisco.com/en/US/partner/products/hw/modules/ps2706/products_configuration_example09186a008073614c.shtmlhttp://www.cisco.com/en/US/partner/products/hw/modules/ps2706/products_configuration_example09186a008073614c.shtmlhttp://www.cisco.com/en/US/partner/products/hw/modules/ps2706/products_configuration_example09186a008073614c.shtmlhttp://www.cisco.com/en/US/partner/products/hw/modules/ps2706/products_configuration_example09186a008073614c.shtml -
7/29/2019 brkagg-2010
94/98
2008 Cisco Systems, Inc. All rights reserved. Cisco Publ ic 94BRKAGG-2010
Presentation_ID
Point and Controller-Based Architecture
No seamless roaming between architectures No coordination between WLSE radio management (RM)
and Cisco Unified Architecture RRM
RM and RRM algorithms should account for contention
Each architecture may report others APs as rogue
Consider network architectural impact and any necessarychanges very carefully
Upgraded APs should be connected to access ports instead oftrunk ports
May need to clean-up and harvest old, unnecessary VLANs andIP subnets
Plan out new IP addressing schemes for wireless clientsand APs
-
7/29/2019 brkagg-2010
95/98
2008 Cisco Systems, Inc. All rights reserved. Cisco Publ ic 95BRKAGG-2010
Presentation_ID
AssureWave
AssureWave
-
7/29/2019 brkagg-2010
96/98
2008 Cisco Systems, Inc. All rights reserved. Cisco Publ ic 96BRKAGG-2010
Presentation_ID
AssureWaveHealthCare, Retail and Manufacturing
Full Vertical application testing with Partner Equipment
Define pass failure with details beyond standardSoftware Testing
Testing done in-house AND at Partner facilities
EXAMPLE Vertical Test Bed
http://www.intermec.com/index.aspxhttp://images.google.com/imgres?imgurl=http://www.starmed-ulm.de/images/unternehmen/logo_draeger.gif&imgrefurl=http://www.starmed-ulm.de/unternehmen/partner/index.php&h=65&w=218&sz=4&hl=en&start=8&tbnid=58aghh2TSYYSVM:&tbnh=32&tbnw=107&prev=/images?q=Draeger+logo&gbv=2&svnum=10&hl=enhttp://images.google.com/imgres?imgurl=http://www.dsi.unifi.it/osspl06/images/philips.gif&imgrefurl=http://www.dsi.unifi.it/osspl06/program.html&h=39&w=153&sz=2&hl=en&start=4&tbnid=7BsSkxyRt8NU2M:&tbnh=24&tbnw=96&prev=/images?q=Philips+Medical+logo&gbv=2&svnum=10&hl=enhttp://images.google.com/imgres?imgurl=http://www.infomedltd.co.uk/images/main_site/logos/ge_sponsor_logo.gif&imgrefurl=http://www.infomedltd.co.uk/sponsors.htm&h=115&w=150&sz=6&hl=en&start=13&tbnid=h9YSg0BS-DosPM:&tbnh=74&tbnw=96&prev=/images?q=GE+HealthCare+logo&gbv=2&svnum=10&hl=enhttp://images.google.com/imgres?imgurl=http://www.datascansystems.com/images/handheld_logo.gif&imgrefurl=http://www.datascansystems.com/hand_held_products.htm&h=81&w=311&sz=5&hl=en&start=1&tbnid=klWZkOVqZ8GIbM:&tbnh=30&tbnw=117&prev=/images?q=handheld+logo&gbv=2&svnum=10&hl=enhttp://images.google.com/imgres?imgurl=http://technology.beloblog.com/archives/apple%20logo.jpg&imgrefurl=http://technology.beloblog.com/archives/apple/&h=226&w=187&sz=5&hl=en&start=3&tbnid=DSPqME1VcBLbVM:&tbnh=108&tbnw=89&prev=/images?q=apple+logo&gbv=2&svnum=10&hl=enhttp://images.google.com/imgres?imgurl=http://www.ieeevtc.org/vtc2006fall/sponsor-logos/RIM_logo_blue.jpg&imgrefurl=http://www.ieeevtc.org/vtc2006fall/patrons.php&h=131&w=303&sz=13&hl=en&start=7&tbnid=ljTGUcez7FF6hM:&tbnh=50&tbnw=116&prev=/images?q=RIM+logo&gbv=2&svnum=10&hl=enhttp://images.google.com/imgres?imgurl=http://cellandsatellite.com/images/nokia_logo.gif&imgrefurl=http://cellandsatellite.com/index.php?cPath=603_866_881&h=188&w=300&sz=7&hl=en&start=9&tbnid=_pzlmVKjNBZ8sM:&tbnh=73&tbnw=116&prev=/images?q=nokia+logo&gbv=2&svnum=10&hl=enhttp://www.aeroscout.com/ -
7/29/2019 brkagg-2010
97/98
2008 Cisco Systems, Inc. All rights reserved. Cisco Publ ic 97BRKAGG-2010
Presentation_ID
EXAMPLE Vertical Test Bed
-
7/29/2019 brkagg-2010
98/98