[c-nsp] wireless lan controller and remote ap

Voll, Scott Scott.Voll at wesd.org
Tue Jun 5 14:00:26 EDT 2007 

Same problem I ran into... if each site is Firewalled then tunneling
traffic back to the local network becomes a problem for local access.
The only problem with out Firewalled Sites is that you traverse the WAN
twice.  

This has nothing to do with security as much as it does traffic flow.

Scott

-----Original Message-----
From: Frank Bulk [mailto:frnkblk at iname.com] 
Sent: Tuesday, June 05, 2007 10:23 AM
To: Voll, Scott; Dan; cisco-nsp at puck.nether.net
Subject: RE: [c-nsp] wireless lan controller and remote ap

With all due respect, what does a firewall have to do with this?

Are you treating wireless as an insecure medium and placing it outside
the
firewall?  With WPA-Enterprise/802.1X there's no reason wireless can't
be as
secure, if not more secure, than your wired network which is likely not
running 802.1X on each switch port.

Frank 

-----Original Message-----
From: Voll, Scott [mailto:Scott.Voll at wesd.org] 
Sent: Tuesday, June 05, 2007 10:14 AM
To: Dan; frnkblk at iname.com; cisco-nsp at puck.nether.net
Subject: RE: [c-nsp] wireless lan controller and remote ap

If I had to be perfectly honest......I hate making changes to 24 AP....
50 would really be a pain.  If this is a School district..... why do
they have to have local access.  Is each school Firewalled?  

Someone did recommend multiple controllers for redundancy which is a
good Idea.  But if the schools are not Firewalled then you should be
able to make it work without HREAP.

Just my two cents.

Scott

-----Original Message-----
From: cisco-nsp-bounces at puck.nether.net
[mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Dan
Sent: Monday, June 04, 2007 5:13 PM
To: frnkblk at iname.com; cisco-nsp at puck.nether.net
Subject: Re: [c-nsp] wireless lan controller and remote ap

Thanks for the info,

Well there is a few reasons that I wanted to go with cisco instead of a 
different company, but my mind isn't made up.

So as far as I can tell, i'm limited to 8 access points if i use 
H-REAP.  Controllers at each site is definitly out of the budget range.

I'm interested in the rouge access point security (I know some kid or 
better yet a staff member will try to bring in there own ap).  With 50 
AP's i'm not to worried about being able to push out configs to each 
access point.  If I had to make a change to all of them I could fine the

time.  The other concern I had is that without a controller what 
security options do I have?  Are there other things I should be looking 
into or planning for?

Thanks,
Dan.

Frank Bulk wrote:
> Right, it just depends how much Dan really wants to go with Cisco.  Or
> fumble through H-REAP.
>
> Frank
>
> -----Original Message-----
> From: Voll, Scott [mailto:Scott.Voll at wesd.org] 
> Sent: Monday, June 04, 2007 5:27 PM
> To: frnkblk at iname.com; Dan; cisco-nsp
> Subject: RE: [c-nsp] wireless lan controller and remote ap
>
> Unless you  have a bunch of AP's at each site........ $$$ wise it
> doesn't make sense to spend the dollars for controllers at each site
> IMHO.
>
> Scott
>
> -----Original Message-----
> From: cisco-nsp-bounces at puck.nether.net
> [mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Frank Bulk
> Sent: Monday, June 04, 2007 3:13 PM
> To: 'Dan'; cisco-nsp
> Subject: Re: [c-nsp] wireless lan controller and remote ap
>
> As Scott already posted, H-REAP is Cisco's distributed AP solution.
You
> could deploy the smaller 4400's at each location or consider the 3750G
> with its wireless support.  If that doesn't work for you, you'll have
to
> consider another vendor.
>
> Aerohive, Colubris, Meru, and Trapeze all have such
> distributed/edge-switching architectures.  See the last half of this
> column:
> http://tinyurl.com/2cs2bb
> for more details.
>
> Regards,
>
> Frank
>
> -----Original Message-----
> From: cisco-nsp-bounces at puck.nether.net
> [mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Dan
> Sent: Monday, June 04, 2007 3:04 PM
> To: cisco-nsp
> Subject: [c-nsp] wireless lan controller and remote ap
>
> Hello,
>
> I'm interested in deploying a wireless lan in a school district.
There 
> are 19 buildings connected via wireless bridges.  I need about 45
access
>
> pointed in total and I was looking at the 4400 series of wireless lan 
> controllers.  I was wondering if it is possible to have one controller

> centrally located and have remote access points in the buildings
managed
>
> by the controller.  The only catch is I don't want all of the traffic 
> going back to the wireless lan controller, I would like the network 
> traffic to go back to the main switch, because the users will be
logging
>
> in locally, and just the management traffic to go back to the
> controller.
>
> I have been getting different answers from many people including cisco

> pre-sales, so I was wondering if anyone had real work experience with 
> this type of application?
>
> Please let me know if I was not clear.
> Thanks,
> Dan.
>
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>
>   


_______________________________________________
cisco-nsp mailing list  cisco-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

More information about the cisco-nsp mailing list