Advantages and Disadvantages of having the APs and the WLC Management on same subnet

Good day Experts;
I have a 5760 WLC running as a centralized mode with 3702 AP terminating the CAPWAP tunnels on the 5760, I've also have another 5760 WLC with HA license, running on standby mode.
I have two questions:
1.- Can you please confirm that I don't need to configure "AP Manager" on the 5760 WLC (i.e. I don't need the following statement:   "wireless ap-manager interface vlanx" ). I don't need this configuration statement even the APs are on a different subnet than the Management of the WLC.
2.- Are there any advantages and/or disadvantages of having the APs and the management of the 5760 WLC Management on a different subnet/vlan?   
Thanks;
Juan

Hi Juan,
1. Can you please confirm that I don't need to configure "AP Manager" on the 5760 WLC
Yes, you do not want to create ap manager interface on 5760. Just management interface & that will do everything. Below should cover basics of the 5760 config
http://mrncciew.com/2013/12/12/getting-started-with-5760/
2.- Are there any advantages and/or disadvantages of having the APs and the management of the 5760 WLC Management on a different subnet/vlan?
If you put AP management on the same vlan as WLC management, then AP broadcast discovery messages will reach WLC management. So you do not want to configure any WLC discovery mechanism (DNS or DHCP option 43) for AP to find WLC to register. This is ok for small scale deployment, but if you have 500-1000 AP these AP broadcast reaching WLC will be problematic (burden WLC). So it is recommended to seperate AP management to WLC management in large scale deployment. In that case you have to define a way to AP to get WLC IP information (DNS or DHCP option 43 is most common)
HTH
Rasika
**** Pls rate all useful responses ****

Similar Messages

  • Advantages and disadvantages for having the central purchasing organization

    Hi all,
    Cud neone list out the advantages and disadvantages of having central purchasing organization.
    and what is the best practice of selecting the puchasing organization.
    Thanks

    Hi
    <i><b>Cud neone list out the advantages and disadvantages of having central purchasing organization.</b></i>
    Rather than asking for the advantages and disadvantages it will be helpful if u see why the functionality of having the purchase organisation centrally and decentralised has been provided in SAP. I hope u have seen the help file in ur SAP about purchase organisation.
    The point u can note down which will be of importance is <b><i>Each purchasing organization has its own info records and conditions for pricing.</i></b> if u go for the centralised purchasing organisation say in company code u have three plants and purchasing organisation is for all theree plants, then the conditions and inforecords holds for all the thrre plants. If u go for the decentralised say for each plant different purchse organisation then each plant has its own inforecords and conditions. This is upto the business requirement which u should select.
    Similarly u can use this logic for the following cases
    Each purchasing organization has its own info records and conditions for pricing.
    Each purchasing organization has its own vendor master data.
    Each purchasing organization evaluates its own vendors using MM Vendor Evaluation.
    Authorizations for processing purchasing transactions can be assigned to each purchasing organization.
    All items of an external purchasing document, that is, request for quotation, purchase order, contract, or scheduling agreement, belong to a purchasing organization.
    The purchasing organization is the highest level of aggregation (after the organizational unit "client") for purchasing statistics.
    The purchasing organization serves as the selection criterion for lists of all purchasing documents.
    Here u can apply the logic and see how centralised and decentralise purchasing organisation effects. Whethe u want the data should be applicable for all plants then go for centralised if not go for decenralised.
    <i><b>what is the best practice of selecting the puchasing organization.</b></i>
    I think there is no best practice as such and it depends on how u r company business works.
    I welcome the comments from experts if there is any best practice.
    Thanks
    Ravi

  • VPN ASA inside Interface and ip pool are one same Subnet

    Hi Everyone,
    I have configured RA VPN full tunnel.
    Inside interface of ASA is
    Vlan1                    inside                 10.0.0.1        255.255.255.0   CONFIG
    ip local pool 10-pool 10.0.0.51-10.0.0.100 mask 255.255.255.0
    Need to know is it good design to have both on same subnet?
    When i access the Switch  connecting to VPN ASA  inside interface via--https://10.0.0.2
    which has IP 10.0.0.2  while using Remote VPN connection to ASA it does not work gives error
    message as below
    Jan 19 2014 19:42:46: %ASA-5-305013: Asymmetric NAT rules matched for forward and reverse flows; Connection for tcp src outside:10.0.0.51/51077(LOCAL\ipsec-user) dst inside:10.0.0.2/443 denied due to NAT reverse path failure.
    Jan 19 2014 19:42:57: %ASA-5-305013: Asymmetric NAT rules matched for forward and reverse flows; Connection for tcp src outside:10.0.0.51/51078(LOCAL\ipsec-user) dst inside:10.0.0.2/443 denied due to NAT reverse path failure
    Jan 19 2014 19:42:59: %ASA-6-302014: Teardown TCP connection 22418 for outside:10.0.0.51/51069(LOCAL\ipsec-user) to identity:10.0.0.1/443 duration 0:01:08 bytes 1035 TCP Reset-O (ipsec-user)
    Jan 19 2014 19:42:59: %ASA-6-106015: Deny TCP (no connection) from 10.0.0.51/51069 to 10.0.0.1/443 flags FIN ACK  on interface outside
    Current NAT config is
    nat (inside,outside) source dynamic any interface
    Regards
    MAhesh
    Message was edited by: mahesh parmar

    Hi Mahesh,
    It should work but I generally would not suggest having the same network on the LAN and also configured partially as a VPN Pool network.
    Your problem at the moment is simply lacking the NAT0 configuration for the traffic between LAN and VPN Pool.
    I would suggest changing the VPN Pool first and then configuring this
    object network LAN
    subnet 10.0.0.0 255.255.255.0
    object network VPN-POOL
    subnet
    nat (inside,outside) 1 source static LAN LAN destination static VPN-POOL VPN-POOL
    We have to use the line number "1" in the above command so that it gets moved to the top since your current Dynamic PAT would otherwise override it.
    In the future it would be best if you changed your current Dynamic PAT configuration to this
    nat (inside,outside) after-auto source dynamic any interface
    We simply add the "after-auto" to this Dynamic PAT configuration so that it gets moved down in priority. The "after-auto" refers to the fact that this NAT will be inserted after Auto NAT (after Section 2). Your current rule is Manual NAT (Sectiom 1). The new rule will be Manual NAT (Section 3)
    - Jouni

  • Can I change which nic is used for a cluster network when more than one nic on the node is on same subnet?

    This cluster has been up and working for maybe a year and a half the way it is.  There are two nodes, running Server 2012.  In addition to a couple network interfaces devoted to VM traffic each node has:
    Management Interface: 192.168.1.0/24
    iSCSI Interface: 192.168.1.0/24
    Internal Cluster Interface: 192.168.99.0/24
    The iSCSI interfaces have to be on same subnet as management interfaces due to limitations in the shared storage.  Basically if I segregate it I wouldn't be able access the shared storage itself for any kind of management or maintenance tasks. 
    I have restricted the iSCSI traffic to only use the one interface on each cluster node but I noticed that one of the cluster networks is connecting the management interface on one cluster node member with the iSCSI interface on the other cluster node member. 
    I would like for the cluster network to be using the management interface on both cluster node members so as not to interfere with iSCSI traffic.  Can I change this?
    Binding order of interfaces is the same on both boxes but maybe I did that after I created the cluster, not sure. 

    Hi MnM Show,
    Tim is correct, if you are using ISCSI Storage and using the network to get to it, it is recommended that the iSCSI Storage fabric have a dedicated and isolated network. This
    network should be disabled for Cluster communications so that the network is dedicated to only storage related traffic.
    This prevents intra-cluster communication as well as CSV traffic from flowing over same network. During the creation of the Cluster, ISCSI traffic will be detected and the network
    will be disabled from Cluster use. This network should set to lowest in the binding order.
    The related article:
    Configuring Windows Failover Cluster Networks
    http://blogs.technet.com/b/askcore/archive/2014/02/20/configuring-windows-failover-cluster-networks.aspx
    I’m glad to be of help to you!
    Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Support, contact [email protected]

  • What vlan should the WLC management be in

    We are using wireless controller 5508 and 1142n ap
    We have all the wireless configured on vlan 36
    the dhcp server is in vlan 1
    At present we have the management port on subnet 32 vlan1
    And it seems to be working it see all the access points and we are using the wireless with Leo problem.
    But is the proper way in setting the management interface port on the controller or should have an IP address and vlan identifier of 36.

    Honeslty, that is up to you.  I have customers that start off WLC and AP all in the same subnet, but it is not necessary.  I also have customers that put the WLC mgmt in the 'server' VLAN, and the AP in their own.
    IMHO, I like the WLC to be in 'server' or 'secured' VLAN, then I put the AP in their own VLAN that is locked down to only getting DHCP and talking to the WLC.  that way if someone unplugs an AP and connects something they can't get anywhere.
    HTH,
    Steve
    Please remember to rate useful posts, and mark questions as answered

  • Windows 2012 routing and remote access service with same subnet

    I have internal server IP range -192.168.1.0/24
    Windows routing and remote access service  with vpn client IP -192.168.11../22
    client side IP subnet is -192.168.1.0/24
    So we wan routing \ NATING between  192.168.1.0/24 to 192.168.11.0/22 so if vpn user try to ping 192.168.11.5 it should internally forward all request to 192.168.1.5 
    <p>Don't forget to mark helpful or answer</p> <p>connect me :-</p> <p>http://in.linkedin.com/in/satya11</p> <p>http://facebook.com/satya.1000</p>

    Hi,
    According to your description, my understanding is that VPN client and internal network has the same IP range -192.168.1.0/24. And you want to transfer internal network from IP address 192.168.1.0/24 to 192.168.11.0/22.
    Agree with Charles David’s point of view. The easiest way to fix routing confusion would be to either change the VPN subnet or the VPN client subnet.
    Or, if you configure Windows Server(RRAS) as VPN server, you may enable NAT to transfer internal IP address:
    1. Open RRAS, add NAT.
    2. New interface to NAT and configure it as public interface.
    3. Open Address Pool tab, add IP address range 192.168.11.0/22.
    4. Click Reservations, add reserved IP(192.168.11.0/22) and corresponding internal IP(192.168.1.0/24) one by one.
    This would be a lot of workload. Besides, you may use 3rd party devices to transfer subnet IP addresses.
    Best Regards,
    Eve Wang 
    Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Support, contact [email protected]

  • Management and AP Manager on Different Subnets ...

    Hello,
    I am getting ready to implement a WLAN where the customer has designed the Management and AP Manger to be on different subnets.  I have never done a WLAN implementation in this manner because per Cisco's config guide it states ...
    "The AP-manager interface’s IP address must be different from the management interface’s IP address and may or may not be on the same subnet as the management interface. However, Cisco recommends that both interfaces be on the same subnet for optimum access point association."
    So, I have always followed this recommendation and have always made the 2 interfaces be in the same subnet with IP's in sequential order.  The config guide does say it'll work but I am just not sure what if anything do I have to do for this to work properly ... or if there is really a difference on how the process works doing it either way.
    I plan on using LAG with Layer 3 ... most times I place the APs in the same wireless subnet/vlan as the management interface and AP manager but in this case or until I get more info it looks like they all may be in different subnets. So, if that's the case would I just need to use the Option 43 so the APs can find the WLC and if that is the case would I put the AP Manager IP or still use the WLC IP ... guess I would have that same question if I went the DNS route?  Or do I still use the WLC IP address for the APs to join and at that point the AP Manager would take over the LWAPP communications?
    Thanks for all your help in advance!

    You should be using the WLC Management IP as documented in "Cisco 440X Series Wireless LAN Controllers Deployment Guide". Below is quoted from that document.
    "The IP address of the WLC Management Interface should be used for Option 43 and DNS resolution of
    CISCO-LWAPP-CONTROLLER.localdomain." For further information, see the section on "Understanding
    Deployment Basics" beginning on page 13. Detailed information on using vendor specific DHCP Option 43
    for WLC discovery is included in Appendices C, D, and E of this document.
    Also there is no issue having the AP Manager and Management interfaces in different vlans although not recommended, just be sure to allow both vlans across the trunk to the WLC. I would also recommend placing your APs in different vlans than the WLC Mgmt/AP Mgr vlan. Cisco recommends having no more than 60-100 APs per vlan to minimize re-association problems in case of network failure.

  • Cisco NAS IP is SSID interface IP and not WLC IP

    Hi,
    The radius packets are being dropped on my ISE deployment because the NAS IP is being detected as the SSID IP and not the IP of the WLC. I want the IP of the WLC to be the NAS IP because the WLC is what I've configured as the NAD in the ISE itself.

    I have configured the management interface IP - 192.168.1.1 (from where I access the GUI) as the NAD in ISE.
    The SSID interface IP is 192.168.7.1. Obviously, since this isn't configured as a NAD in ISE, the radius packets sourced from this IP are being dropped.
    I have another SSID with IP 192.168.5.1, but in this case, the NAS IP mentioned in the ISE logs indicate the WLC Management IP which is perfectly fine and this is what should happen.

  • Cisco APs not joining WLC

    Hi guys,
    I am in the process of configuring a WLC and got stuck due to APs are not joining the WLC.
    I have configure DHCP server on the Gateway router and the WLC management interface is pointing to the Gateway as DHCP Server.
    I have multiple Dynamic interfaces configured on the WLC and Interface group has been configured and mapped to Management Interface.
    For each WLAN, a separate DHCP pool has been created on the router.
    LAG has been configured and working fine. Connectivity works fine in the network and I can ping all devices and vlans from WLC.
    Now, the APs are not joining the WLC. The error I am getting
    " 44:03:a7:f1:b4:40 Received a Discovery Request from 44:03:A7:F1:B4:40 via IP broadcast address but the source IP address (10.xx.xx.xx) is not in any of the configured subnets. Dropping it "
    Some one help me troubleshooting this issue with DHCP IP Assignment.
    Thanks,
    CJ

    If you are using Broadcast method to discover WLC to AP then you need to ensure following is correctly configured.
    1. Unders the switch SVI defined for AP-management (10.38.11.x) you have to configure "ip helper-address "
    2. In switch global config "ip forward-protocol udp 5246"
    Refer this for more detail
    http://mrncciew.com/2013/05/04/wlc-discovery-via-broadcast/
    There are other methods available as well (static, DNS, DHCP option 43) for the WLC discovery purpose. To verify there is no configuration issues at WLC end, you can simply configure the WLC details on AP statically & check wether AP get register to WLC. To do this you can enter following CLI commands on AP console priviledge mode.
    debug capwap console cli
    capwap ap ip address 10.38.11.x 255.255.255.x
    capwap ap ip default-gateway 10.38.11.y
    capwap ap controller ip address
    In this way your AP should get registered to WLC (if no config issue at WLC end). Refer this for more detail
    http://mrncciew.com/2013/03/17/ap-registration/
    If you have so many APs, then as Steve pointed configuring DHCP-Option 43 would be a good option
    Regards
    Rasika
    **** Pls rate all useful responses ****

  • What is the advantages and disadvantages of having 2012 DHCP within the Domain or its better to keep it stand alone

    What is the advantages and disadvantages of having 2012 DHCP within the Domain or its better to keep it stand alone
    I am Trying to upgrade Current DHCP 2003 Server to 2012 to get benefit from the latest fail over plan and I Want to be sure that it doesn’t affect the current setup

    Hi,
    For DHCP migration, there won’t be any problem. You can follow the guide below:
    Step-By-Step: Migration of DHCP from Windows Server 2003 to Windows Server 2012
    http://blogs.technet.com/b/canitpro/archive/2013/04/29/step-by-step-migration-of-dhcp-from-windows-server-2003-to-windows-server-2012.aspx
    If you have any other role installed on windows server 2003, please read the relevant article:
    Migrate Roles and Features to Windows Server 2012
    http://technet.microsoft.com/en-us/library/dn486809.aspx
    Hope this helps.

  • Advantages and disadvantages of having 2 controlling areas.

    Dear All.
    My client have 2 company codes and will use same fiscal year variant and chart of account. so we recommend for one contrilling area. But my client wants some document or wants to know the advantages and disadvantages of having 2 controlling areas.
    I will really do appreciate if anybody hepls me in this regards.

    there is no general correct answer as every case is the different.
    However, the majority of solutions that have a single CoA will also have a single Controlling Area.
    The Controlling Area is the highest reporting level in Controlling, PCA, CCA etc.
    Normally if you have two CoA then you will have two Controlling Areas.
    A simple point to make to them is that a Controlling Area can only have 1 CoA, therefore you cant have 2.
    Are your Company Codes in the same Country?

  • What are the advantages and disadvantages of suppressed and unsuppressed content in indesign layer option?

    what are the advantages and disadvantages of suppressed and unsuppressed content in indesign layer option?

    I occasionally use layers set to suppress output for holding text that differs from the text in the visible part of a document that I need for variables or TOC entries sometimes, or for notes or guides I want in the file but I don't want printed. You might also want to suppress a layer with some sort of overlay, like the die-lines for a die-cut piece, when you export a PDF for screen viewing.
    I'm sure you can come up with other reasons for having content on a page in the layout, but not in the final output.

  • What are the advantages and disadvantages to cookies?

    Ok, so I am required to interview some expert for a Final in college. I choose to do my final on cookies throughout the different browsers. The downside is that it is nearly impossible to get a one-on-one interview from an expert in this field. This is my next option. So here are my questions, and I greatly appreciate the help.
    1. What are the advantages and disadvantages of cookies?
    2. Where are the cookies stored, and is it possible for someone to access that information?
    3. You hear horror stories of hackers accessing the different cookies saved on a person's computer, and from there gradually piecing together enough information about that person, to hack into nearly every account they have. How probable is this? What safeguards can a person take against this happening?
    Once again, thank you for any help received.

    I attended uni back in the 70's, and as I recall we had to do some actual research for our term papers - like from books in the library, and needed to "document" our research in a footnote for each page.
    I guess times have changed a bit since then I guess - anecdotal evidence is permissible now?
    Here's a search of articles in the Mozilla Developer Network documentation.
    https://developer.mozilla.org/en-US/docs/tag/Cookies

  • What are the Advantages and Disadvantages of OC4J ?

    Hi,
    I want to know what are the advantages and disadvantages of OC4J server .
    Can anyone tell me please..
    Regards,
    Ajay

    simple, reliable, extremely fast and low cost of development: re-start takes 10 - 15 seconds. Its disadvantage may be less flexibility in configuration then heavy-weight Weblogic

  • What are the advantages and disadvantages of suppressed and unsuppressed content?

    what are the advantages and disadvantages of suppressed and unsuppressed content?

    Hi Surya,
    surya n wrote:
    what are the advantages and disadvantages of suppressed and unsuppressed content?
    Are you referring to compressed files in your statement?
    If yes, then let me give you a general idea about it -
    Compressed file occupy less memory space as compared to its uncompressed counterpart, and hence can be uploaded/downloaded faster than the uncompressed one.
    Moreover Compressed files are less vulnerable to Malwares and Trojans, provided it is Locked and encrypted as well, Uncompressed files are more vulnerable to Malwares and viruses in general.
    I would love to help you with your query however i need to know that in which context you are asking this question so that i can point you in the right direction. Moreover please let me know if you are facing any type of Technical issue in any Adobe Product or Online service.
    Regards,
    Rahul

Maybe you are looking for

  • ALV Report printing to A3 format

    Hi We have written an ABAP ALV report to extract information from any number of Sales Orders from a given set of criteria. A number of layouts have been created. The layouts have been defined by the business (as they wanted the same format as they we

  • PI 7.1 Adapter Level Logging documentation

    Hello, I am pretty new at PI 7.1. We are working on a logging documentation which requires us to layout how logging works in PI 7.1 both in ABAP and Java Stacks. Also, If possible could someone point me into right direction on logging documenatation

  • Monitoring on PO system

    Hello, I have a BPM PO scenario where I want track my message flow in Production. In the Manage process section I see that there is a button at the bottom left that says Show Related PI Messages for a particular process. When I click it , it says no

  • How to delete screen saver preferences

    Friends, I'm running an imac 27 i7 with fully up-to-date snow leopard. I have my screen saver set to an aperture smart folder with family photos. Periodically, the machine switches the screen saver folder to a completely unrelated folder of about fiv

  • Automatic and manuvall Document types in sap

    Hi Experts, My Client wants maintanin  manuvally & automatic different document types,let us take one example Automatic doc type We run the Brs docuement type SAwill be  automaticall zanareted, so this one come to SB (in case we are maintain the OBA7