Encrypted L3 Communications between the AP and WLC?

Hi all

I work with a client who wants to place their APs remotely from their WLC (a 4402). The problem is that communications between the AP and WLC must be secured, even across their private WAN! I have a few resulting questions, if someone is able to help:

  1. I can't find out whether encryption is used on connections between the APs and the WLC, what method it is (is it AES etc.?), and what the steps are?

    1. The terminology can be a problem here, it's not a wireless mesh, just classic LAP for WLC
  2. The customer's WAN is already encrypted (IPSec VPN via VPLS) in parts - what is the consequence of running AP<-->WLC with end-to-end encryption (if possible) over a WAN already encrypted with IPSec, i.e. double encryption?

Strange but true - pointers will be greatly appreciated... Phil.C

With a controller of the 4400 series, the control traffic between the AP and the controller is already AES encrypted.  The user traffic is not encrypted.  If you use a 5508 controller, all traffic between the AP and the controller is AES encrypted.

As for running the traffic through a VPN, it should work.  The issue I see with this is with the MTU in general.  The controller will drop all packets with a payload of less than 32 bytes of data.  Depending on the MTU over the VPN, I've seen packets getting fragmented and it is an issue.  If you use one of the CAPWAP versions (5.2 or newer), dynamic MTU discovery is part of the protocol and this MTU problem does not really exist.

Tags: Cisco Wireless

Similar Questions

  • No communication between the printer and the Red computer on switch flashing printer does on every time I turn it off

    I get a message there is no communication between the printer and the computer. Printer is all-in-one HP Officejet 4315v. Have uninstalled and reinstalled the software and unplugged the USB port and plugged it back. Repeated several times. Still no communication. Exclamation red light next to 'on' and green 'on' button is flashing all the time.

    You have a hardware failure of the printer.  Contact the manufacturer for support.

  • No communication between the primary and standby

    Hello

    I have configured the DG,

    primary-> testprod
    standby mode-> testprod_s
    I started, standby machine instance watch with testprod and its place...
    but there is no communication between the primary and standby...

    How can I ask/check communication?

    PING[ARC3]: Heartbeat failed to connect to standby "testprod_s". Error is 12514

    Post from the standby:

    $ lsnrctl status
    $ lsnrctl services

    This kind of error occurs when the Oracle service is not registered with the listener.
    Set the value of LOCAL_LISTENER and register manually as below on the standby, and post:

    SQL> alter system register;

  • Disable communication between the host and the virtual machine

    I have VM Server 2.0 and one of the virtual machines has the same name as the server and even if the virtual computer is connected to the host only network it generates the Windows error message: duplicate names exist on the network.

    is there a way to disable communication between the host and the virtual machines? I just need a virtual network that is isolated from my network complete and host also.

    Thank you.

    The GUI Server2 is not to choose the other unused vmnets.  Then edit your file VMX use a different vmnet of 0, 1 or 8.  (which are bridged, host-only and NAT)

    Thus, for example, if your VMX has a line that says:

    Ethernet0.VNET = "VMNet0"

    change to:

    Ethernet0.VNET = "VMNet2"

    (This assumes that you have not used the network Editor to fill the vmnet2 either).

  • communication between the printer and the computer stops

    Original title: printer problem

    Without rhyme or reason communication between our computer and the printer just stops (often!)   Why?  and how to fix it?

    Hello

    · Try to uninstall and reinstall, and use the latest Vista printer drivers for your model from the printer manufacturer.

    You can also track information to try to solve your problems of printer below

    read the printer correct that information the slot microsoft, including the 'fix - it' and the information of the links to the other

    Solve printer problems

    http://Windows.Microsoft.com/en-us/Windows-Vista/troubleshoot-printer-problems

    and read this microsoft tutorial too

    Introduction

    This tutorial is designed to help you identify and fix common Windows printer problems, including print errors and other issues that could prevent you from printing. This tutorial does not cover printing problems related to specific programs. Printing problems can be caused by cables that are not properly connected, corrupt drivers, incompatible drivers, the printer settings, missing updates and problems with your printer.

    How to use this tutorial

    For best results, complete each step before you move on to the next. Try to print after each step before moving on to the next step.

    http://Windows.Microsoft.com/en-us/Windows/help/printer-problems-in-Windows

  • How to enable the communication between the host and the virtual from Windows 7 computer

    Host: Mac OS X 10.6

    Setting of networking: NAT (also connected to the VPN work)

    VM: Windows 7

    I use my mac for my development. I have an application running with the Web Server server. I also use the hosts so that I can map the URLS of different web site with the same ip address.

    For example:

    On my Mac in /etc/hosts

    127.0.0.1 www.testsite1.com www.testsite2.com

    On my virtual from Windows machine in the hosts file

    987.78.125.125 www.testsite1.com www.testsite2.com

    When I'm at the office and using bridged connections, it works very well. However, I prefer to use NAT all the time.

    Is this possible?


    Thank you!

    I actually already answered your question, but now I know the details, and by the way you have explained it so much better the second time!

    When not connected to the VPN on the host computer, and the guest knows the IP address of the web server on the host (an appropriate entry in the guest's hosts file), then it should work. But when connected to the VPN, if your administrator does their job well, you should not be able to connect from the guest to the host for the reason mentioned previously...  A non-authenticated/non-approved system (guest) cannot access an authenticated/trusted system (host) while the VPN on the host computer is established to your corporate network.

  • No communication between the computer and the printer Photosmart D100 HD series

    Pentium 4 computer and HP Photosmart D110 series. My problem: the computer is HP but not accept the printer sends the signal to the printer. Thank you

    Hello

    1. What operating system is running on your computer?

    2. Did it work earlier? If so, do you remember what you changed on your computer?

    3. What is the exact error you receive?

    Follow the steps in this link and check if that helps: http://windows.microsoft.com/en-us/windows/help/printer-problems-in-windows

  • problems of communication between the computer and printer (wireless)

    I installed a wireless printer and its not connect with my laptop

    each model is different.  You will need to read the manual on this.  Most likely the IP address assigned to the printer is no longer valid in your current setup.

    From a command line, use ping to see if the network route works:

    ping 1.1.1.1 (replace 1.1.1.1 with the IP address from the config page).

    If you have configured the IP address as static you return to DHCP on the network.

    Alan Morris Windows printing team; Here Microsoft Knowledge Base search: http://support.microsoft.com/search/Default.aspx?adv=1

  • communication between the spring and cache-config

    Hello

    I have the following definition in one of the schemes.
    <distributed-scheme>
         <scheme-name>data_distributed</scheme-name>
         <service-name>DistributedDataCache</service-name>
         <listener>
              <class-scheme>
                   <class-name>spring-bean:AbcMapTriggerListener
                   </class-name>
              </class-scheme>
         </listener>
         <backing-map-scheme>
              <local-scheme>
                   <listener>
                        <class-scheme>
                             <class-name>
                                  a.b.c.AbcBackingMapListener
                             </class-name>
                             <init-params>
                                  <init-param>
                                       <param-type>com.tangosol.net.BackingMapManagerContext
                                       </param-type>
                                       <param-value>{manager-context}</param-value>
                                  </init-param>
                             </init-params>
                        </class-scheme>
                   </listener>
              </local-scheme>
         </backing-map-scheme>
         <backup-count>0</backup-count>
         <autostart>true</autostart>
    </distributed-scheme>
    I'll need to get the AbcBackingMapListener initialized with another cache reference and some custom objects. How can I pass these references to the constructor (or by using the setter accessors)?

    I tried to use <class-scheme> inside the <param-value> element, but that has not worked.
    <param-value>
         <class-scheme>
              <class-name>spring-bean:CustomObject
              </class-name>
         </class-scheme>
    </param-value>
    Any suggestion would be appreciated.

    Hi magali,

    To use another scheme as an init-param, you should use a scheme-ref as described here in the macro parameters section of the documentation:
    http://download.Oracle.com/docs/CD/E18686_01/CoH.37/e18677/cache_config.htm#BABHCCHI

    
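    <distributed-scheme>
        <scheme-name>data_distributed</scheme-name>
        <service-name>DistributedDataCache</service-name>
        <listener>
            <class-scheme>
                <class-name>spring-bean:AbcMapTriggerListener</class-name>
            </class-scheme>
        </listener>
        <backing-map-scheme>
            <local-scheme>
                <listener>
                    <class-scheme>
                        <class-name>a.b.c.AbcBackingMapListener</class-name>
                        <init-params>
                            <init-param>
                                <param-type>com.tangosol.net.BackingMapManagerContext</param-type>
                                <param-value>{manager-context}</param-value>
                            </init-param>
                            <init-param>
                                <param-type>{scheme-ref}</param-type>
                                <param-value>custom-object-scheme</param-value>
                            </init-param>
                            <init-param>
                                <param-type>{cache-ref}</param-type>
                                <param-value>anotherCache</param-value>
                            </init-param>
                        </init-params>
                    </class-scheme>
                </listener>
            </local-scheme>
        </backing-map-scheme>
        <backup-count>0</backup-count>
        <autostart>true</autostart>
    </distributed-scheme>

    <class-scheme>
        <scheme-name>custom-object-scheme</scheme-name>
        <class-name>spring-bean:CustomObject</class-name>
    </class-scheme>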
    

    It works very well; we use it for data sources in the cache stores and also to create ContinuousQueryCaches via the cache config.

    JK

  • No communication between the Bluetooth SD - BT2 and PocketPC SD card

    I use an SD - BT2 (PA3271U) card in a Microsoft Pocket PC (also referred to as 'Microsoft PocketPC 2003') 4.20.00. I use the latest Toshiba driver 5.01 C and the card is recognized by the Pocket PC (Medion MD 95450 / MDPPC 150). I can connect to my mobile phone and the GPRS connection is set up with no problems.

    But later at this point in time, the connection is established but dead... no connection to anyone. It seems that the communication between the Pocket PC and the card SD - BT2 is broken on the software side.

    Anyone have an idea (or a working driver) for this problem?

    Thanks in advance

    Karl

    Hello

    Have you tried to reinstall the drivers or software for SD - BT2?
    In my opinion, you should check this option.
    Also, I found a brand new version for PDA Bluetooth Stack (Bluetooth software and drivers).
    Check out this site.
    http://APS.toshiba-tro.de/Bluetooth/pages/download.php.

    Good bye

  • authentication between the ACS and AD

    Hello

    I would like to know what kind of authentication mechanism ACS 5.1 uses to talk to Active Directory. Does it simply use MSCHAP, MSCHAPv2 or PAP? By default, it uses PAP to talk between the Cisco IOS and the ACS on the 5.1.

    If you look at the default admin tab and click on allowed protocols ---> it mentions PAP.

    Should I use a secure means of transport between the ACS and AD? If so, can anyone tell me the authentication mechanism?

    Thank you

    Any administrative session like telnet, ssh and console always uses PAP as an authentication method.

    PAP communication can be captured and read in clear text in this case. However, since we have TACACS in use, it always encrypts the whole packet with the shared secret defined on the IOS and ACS/TACACS, so if you capture traffic between the radius and the device you won't be able to decipher it without the key.

    In case you have RADIUS, then use SSH (PuTTY) so that it can help you with secure communication.

    ACS and AD support PAP, CHAP, MSCHAPv1 and MSCHAPv2.

    However, the administration does not work with any authentication method other than PAP.

    HTH

    Regds,

    Jousset

    Note the useful posts ~

  • Communication between HP eprint and Google Cloud Print

    Hello

    communication between HP eprint and Google Cloud Print seems to be broken. At least for me.

    Documents do print when I print via Chrome browser or the Cloud Print dashboard - but the state in Cloud Print remains "submitted". It seems that somehow the HP ePrint status doesn't get reported to Cloud Print. In HP ePrintCenter it says "printed".

    Well, I wonder who will take care of this problem...  (Hope this does not lead to fingerpointing only...)

    Thanks for your support!

    Best,

    George

    Started working again a few weeks ago. All is well now. Don't know who fixed it.

  • communication between master blocking sensor and blocking forwarding sensor

    1. How does the communication between the master blocking sensor and the blocking forwarding sensor take place?

    RDEP or SSL or SSH? Which one?

    Blocking forwarding sensors will use RDEP over 443 (HTTPS) to communicate with the master blocking sensor.

    Be sure that the master blocking sensor allows connections from the blocking forwarding sensors under the allowed hosts configuration section.

    Here's a link for how to do this with VEI:

    http://www.Cisco.com/univercd/CC/TD/doc/product/iaabu/csids/csids10/idmiev/swchap3.htm#32776

    Hope this helps,

    Peter

  • "The relationship of trust between the Client and the domain controller has been lost."

    I had a client PC connected to a DC running 2003 SBServer.

    It got this error when it tried to connect with its domain account.

    "The relationship of trust between the Client and the domain controller has been lost."

    I had to log on as local Administrator and leave/re-join the domain with a different machine name.
    How can I fix the server side?

    Hello

    The question you posted would be better suited to the TechNet community. Please visit the link below and validate the request.

    http://social.technet.Microsoft.com/forums/en-us/smallbusinessserver/threads

    Hope this information is useful.

  • Difference between the offline and canceled State

    Hi community

    Can someone explain to me precisely the difference between the offline and not deployed State. As much as I understand in both cases memory will be released, correct?

    Kind regards

    Michael

    Hi Michael,

    If a virtual machine is off (off line), this means that the guest operating system VM was extinguished (free or here), but the virtual machine remains in stock in vCenter and all the network configuration of vSphere intact remains, such as external IP addresses for fenced configurations.

    Cancelling the deployment will turn off the virtual machine (saving the state or not), remove the virtual machine from inventory, and delete the VM's records in vCenter and view models.  If an all-fenced config is cancelled, the virtual router as well as the resulting vSwitch will be removed in vSphere.
