WLC centralized with several remote Sites
Hi people,
I read the documentation of design for wireless devices, and I can't find a definitive answer to the following:
Is it possible to have a WLC centrally (in a DMZ), who controls several remote sites? Each site must have the same SSID, however the IP subnet will be different at each site.
I have attached a base PDF showing what we are trying to achieve.
Thanks for your help.
Kris
Of course, you could put either the AP mode H-REAP so that the data of the customer traffic is enabled locally to the AP or you can use groups of AP. With groups AP customer traffic be dug to the controller and group AP policy would determine which interface / VLAN, traffic should be poured in.
Tags: Cisco Wireless
Similar Questions
-
How can I monitor hyperic several remote sites with hyperic?
We have implemented a hyperic server in AWS.
We have a lot of remote sites with a server on site. Each site has its own public static IP address.
Here is how we have implemented hyperic right now:
agent.setup.camIP = static public IP of the server in AWS
agent.setup.camPort = 7080
agent.setup.camSSLPort = 7443
agent.setup.camSecure = yes
agent.setup.camLogin = login
agent.setup.camPword = pass
IP #agent.setup.agentIP = public site
agent.setup.agentPort = 2144
#agent.setup.resetupTokens = no
agent.setup.acceptUnverifiedCertificate = yes
At each site, we have a router that port forwarding on the server. If each server is behind a router and has private static IP such as 192.168.30.101
We have no problem setting up hyperic on the local server, the problem is that Hyperic HQ is overwhelming the servers. He takes the static private ip address and keep overwriting the latest version of the server.
Even if we have different server names and the public IP address different when we put in place the agent, once we have put in place the agent and he start shooting the metrics, hyperic just replaces the last installed server monitoring.
any way to disable the IP address local hyperic traction?
This could be referred as "PIN to a specific IP address" that is required when a platform has multiple NICs or IP address addresses and is accomplished by adding additional guidance to the agent.properties file. Because you specified a specific port of installation, it is better to pin which as well.
agent.listenIp =
agent.listenPort = 2144I suggest that you also uncomment:
#agent.setup.agentIP =
as well as (properly defined):
#agent.setup.unidirectional = no
The setting is described in the header section of the agent.properties file.
# Agent configuration file
#
# The following is the properties of the Agent recognizes:
#
# agent.listenPort
# Default: "2144.
#
# Description: Port that listens to the agent.
#
# agent.listenIp
# Default: «*»
#
# Description: Address that the agent to listen. If the value "*",
# the agent will listen on all available interfaces.1.), you now have:
agent.setup.camIP = static public IP of the server in AWS
agent.setup.camPort = 7080
agent.setup.camSSLPort = 7443
agent.setup.camSecure = yes
agent.setup.camLogin = login
agent.setup.camPword = pass
IP #agent.setup.agentIP = public site
agent.setup.agentPort = 2144
#agent.setup.resetupTokens = no
agent.setup.acceptUnverifiedCertificate = yes2.) stop of the agent:
3.) change this option and add the additional guidance.
agent.setup.camIP = static public IP of the server in AWS
agent.setup.camPort = 7080
agent.setup.camSSLPort = 7443
agent.setup.camSecure = yes
agent.setup.camLogin = login
agent.setup.camPword = pass
IP agent.setup.agentIP = public site
agent.setup.agentPort = 2144
agent.setup.resetupTokens = no
agent.setup.acceptUnverifiedCertificate = yes
IP agent.listenIp = public site
agent.listenPort = 21444.) remove the agent data directory (it is re-created later start)
5.) restart the agent (this will trigger a reconfigure)
6.) I accept agent inventory
-
ASA EzVPN with several remote subnets
Hello world
I'll have the challenge of EasyVPN installation based on ASA 5520, and ASA 5505 (with the ASA5505 as the vpnclient) with several networks behind the ASA 5505.
Access by the network directly connected on the 5505 to the central site works very well.
But the second network segment (which is behind a router on the directly connected network) cannot connect to the central site.
I guess I need to specify that some sort of acl's to be able to do that.
BTW we do not use tunneling split, because all traffic moves through the tunnel (no local internet access).
The layout looks like this
(--LAN--)-5520---5505-(--LAN1--)-ROUTER-(--LAN2--)-(WAN)-
LAN1 and LAN connection works great through the EZVPN Tunnel.
LAN2 connection to the LAN does not work through the Tunnel of EZVPN.
Here is the configuration used so far (outside the normal SHEEP, groups of objects and stuff ISAKMP crypto):
Client:
vpnclient Server 10.x.x.x
extension-mode network mode vpnclient
EzVPN vpngroup vpnclient password *.
vpnclient username user1 password *.
vpnclient enable
Crypto ipsec df - bit clear-df outdoors
Server:
internal EzVPN group strategy
Group Policy attributes EzVPN
allow to NEM
allow password-storage
tunnel-group EzVPN type ipsec-ra
General characteristics of tunnel-group EzVPN
Group Policy - by default-EzVPN
IPSec-attributes tunnel-group EzVPN
pre-shared key *.
user user1 password *.
I hope you can help
Best regards
Jarle
Unfortunately, it is not supported on the platform of the SAA. With EasyVPN on the SAA, only the connected networks can be advertised. To accomplish what you want to do, you need to configure a static IPSec tunnel and announce local networks via ACL interesting traffic. You can also use an IOS device that does not have the capabilities of "multiple subnet" with EasyVPN.
-
Can also interface with VPN remote site also for another use?
Hi all
An interface used for the remote site VPN on PIX can be used for another function, for example for the smtp server and web publishing?
Thank you!
Best regards
Teru Lei
Yes! of course you can. Just try it.
--
Alexis Fidalgo
Systems engineer
AT & T Argentina
-
SRM with several paired sites?
We have three data centers: A, B and C. With SRM, is it possible for Site B to be associated with sites has and C such as site failover for these two data centers (A and C)?
Yes it is possible. This feature is called shared recovery Site. It is new in 4 SRM.
You can get some information about this feature in the following document:
http://www.VMware.com/PDF/srm_shared_recovery.PDF
Regarding your second question - it works with a vCenter server on each site.
-
. Audio OGA works very well with local files, is to play at the remote site.
I created a mini-site. It works well when I test it on my computer using local files, but the sound does play with it is downloaded on my remote site.
The problem occurs on multiple computers, with several versions of Firefox, on Windows 7 and OSX Snow Leopard.Your server sends the correct MIME information in the Content-Type header? See this link for more information: https://developer.mozilla.org/en/Configuring_servers_for_Ogg_media
-
A WLC headquarters and Remote Site
Hello
I have a question for the WLC remote deployment.
For the moment, we have the following design:
Head office
-Network 192.168.49.0/24
-WLC 4402 Version 4.2.61.0
-3 x LAP1252
-LWAPP layer 3
-Wep SSID
-Wpa SSID
-Windows PDC with Active Directory, DHCP server and data storage local
-ACS Version 3.2 for RADIUS and RADIUS authentication--> external DB to Active Directory
Remote site
-Network 192.168.50.0/24
-2 x LAP1252
-Wep SSID
-Wpa SSID
-Windows PDC with Active Directory, DHCP server and data storage local
-ACS Version 3.2 for RADIUS and RADIUS authentication--> external DB to Active Directory
Connection between the seat and the Remote Site
-2 Mbit ADSL
The problem is, wireless on the remote site clients get an IP DHCP 192.168.49.0/24 Beach headquarters. Users at the remote site
most of the time only using the local database server in the remote offices. With the actual design connection ADSL 2 Mbit passes traffic hole the
WLC at Headquarters and at the remote site. It works but it is not that efficient.
The problem could be solved with HREAP, but what I think is, that it is not possible to have the same SSID to Headquarters and remote site with different VLAN.
How can I achieve this, the clients at the remote site to connect to the same SSID (wep or wpa), get an ip address from the remote site (192.168.50.0) DHCP server
and the traffic is enabled locally.
I hope that you understand what is the problem.
Thank you in advance for your help!
Yes, putting the HREAP remote access point mode will allow the WLAN even to be available on the access point but the traffic could tip locally to the AP instead of in the tunnel to the controller. After the AP mode HREAP you re so what VLAN you want traffic for each WLAN to immerse on for this AP.
-
VPN site-to-Site: several remote networks
Examples of VPN Site to Site ASA configuration that I have met has only a single network at both sites.
If the network/remote site multi-network for example DMZ1, DMZ2, etc. from the INSIDE how can it be added via the wizard of Site to Site VPN ASDM.
Thank you.
Hello
I have not seen an example of specific configuration with the addition of several networks for tunnel l2l IPSEC via ASDM.
Generally speaking, you would just follow the same process in the Sub URL, but add all the multiple networks local and remote networks that you want to be protected IPSEC.
http://www.Cisco.com/en/us/docs/security/ASDM/6_1/user/guide/vpn_wiz.html#wp999348
Kind regards
Arul
* Rate pls if it helps *.
-
SA520W VPN from Site to Site with several VLANs
Hello
I have a customer here with several VLANS in their places who wants to set up a VPN from Site to site between 2 devices SA520W. Unfortunately I can not find a way to set it up. In the VPN policy, I can choose between everything (which is not what I want, I want only traffict between subnets the routed via VPN), IP address unique, a beach (in a subnet) and a subnet itself - but only one. I don't find a way to configure several subnets in the selection of local traffic and remotely. Adding another IKE policy between the 2 sites does not either (which is good normally).
Any ideas? Anything I'm doing wrong?
Thank you for your help.
Best regards
Thomas
I know that if you have an ASA or a router, you can define as VLANS to pass through the tunnel.
Do not have access to a SA520W to test...
A recommendation might be to post the question on the SMB community where they answered questions related to this product, just to check what other people did.
Federico.
-
Fields on several Internet sites have been changed in another language. The browser is set to English, and this problem does not occur with Chrome. Specifically, a large part of Tumblr and Facebook menu has been changed in another language (Russian, I think). I tried reinstall Firefox, clear the cache and reset firefox to its default state. None of them helped. Any suggestions on how to fix this?
Hey again,
Sometimes a problem with Firefox can be a result of malware installed on your computer, you may not be aware of.
You can try these free programs to search for malicious software that work with your existing anti-virus software:
- Microsoft safety scanner
- MalwareBytes' Anti-Malware
- TDSSKiller - AntiRootkit utility
- Hitman Pro
- ESET Online Scanner
Microsoft Security Essentials is a good permanent antivirus for Windows 7/Vista/XP, if you do not already have one.
More information can be found in the article troubleshooting Firefox problems caused by malware .
I hope this helps!
Curtis
-
I have several Web site tab groups that each would open by double clicking a single shortcut.
For example: when I do my banking online, I would like to open a single shortcut, and then that would open all of my banking sites, each in a different tab.
Do you mean start via a shortcut on the desktop?
You can add all the URLs on the command line, separated by a space.
If the list is too long, so you must use a firefox.cmd file to start Firefox with all sites. -
When you work in Firefox, is there a way to open a new window with a site when the House on Firefox setting has several Web sites?
Firefox always opens a new window with the home page (s), you must use shift + left click on a link (bookmark) to open a page in a new window or just rip an existing tab by dragging the tab slightly downwards to open the tab in a new window.
-
Hello
I integrated LIVE ID with Sharepoint 2010 and got the same compliance.
In sharepoint server 2010, several sharepoint sites are run under port 443 with different domain names.
I configured 1 LIVE ID certificate for one of our sharepoint sites would like to know can I use the same certificate for other sites too or I need to install other certificates LIVE ID to access other sites.
How can I get prod LIVE ID certificates are available for free as nexus offers two certificates INT and PROD (x 509 certificate) or do I need to buy.
If I need to buy where can I buy it go?
Hi ppdremsadm,Your question of Windows is more complex than what is generally answered in the Microsoft Answers forums as it is related to the configuration of Live ID in Sharepoint 2010. It should be better in the Forums of Windows Sharepoint.
Please ask your question in products and technology SharePoint forums to improve assistance in this regard.
-
Dear Experts,
If we have 2 remote sites with the same shared storage, can mount us a drive on remote site?
- Assume that the oracle database is on the shared disk (for example HP 3PAR)
- Primary Oracle server with storage as a common drive (storage shared on sites geographical apart) have all the files database.
- failure, it is possible to mount the drive even at the remote site and mount the database oracle it?
There must be no effect on the as it should the same disk that has dismantled master site.
Thank you and best regards,
IVW
Thanks a lot mseberg
Is it a design valid ?
- We have remote sites and want to set up DR. As we only SE pare data is therefore no choice.
- We think of the SAN replication option.
Have you ever seen / configured such architecture or design?
Can you please throw some light on this. Thanks in advance for your ideas.
Thank you best regards &,.
IVW
-
I've updated my Muse app to the latest version of July and since then my Muse forms do not work with several of my web hosting providers. Is this a case of the site not having host is not the latest version of PHP?
Please consult this document:
Troubleshooting Muse form used on the servers of third party Widgets
Thank you
Sanjit
Maybe you are looking for
-
I can't log directly without going through Internet Explorer?
When I click on the Firefox logo, that nothing happens so I get first in line with IE, then then I do not have the familiar Firefox tabs.
-
Now, when I search in GMail, it searches across the Web, rather than only my mail messages.
-
Hi, I'm a big user of PC, but don't really know anything about them, my husband bought me a Tecra, which I tried to connect using the new Netgear router cable to my second hand pc, (I am a user of NTL) all systems are looking good and it says its con
-
How to change DI unbuffered mode
My request is when a fall from digital input (camera ready) edge arrives, it will trigger a pulse counter 0, open the shutter of camer. The following code does this: camShutterOutputTask.COChannels.CreatePulseChannelTime ("Dev1/ctr0", "",)COPulseTime
-
__I have a range of printers HP psc 1200 and it's offline.
I turned off and unplugged and it is always offline