12-04-2014 06:57 PM
I just need a clarification of the below scenario. We have recently put in a Aruba Solution at our office. We have the below components.
- Aruba IAP-135
- Airwave for management
- Mobility controller -625 acting as Anchor controller.
We have about 50 remote offices and we have deployed wifi to about 10 sites with IAPs.
We have the Airwave, Clearpass & Anchor controller at the HQ. Anchor controller is used for Guest captive portal.
My question is since we are in process of deploying WiFi across all other remote sites, is this setup of running IAP better? When do we need to think of centralized controller setup. We are currently happy with the way the wifi are setup, but wanted to make sure whether it is ok to continue to use IAPs? Max APs in one site would be around 15.
Solved! Go to Solution.
12-04-2014 07:01 PM
Do you have an Aruba partner you can work with on the design? These questions are sometimes hard to answer without more context.
Tim Cappalli | Aruba ClearPass TME
@timcappalli | ACMX #367 / ACCX #480 / ACEAP / CWSP
12-04-2014 07:08 PM
Just Guest users are centrally switched. Corp users are switched locally.
No VPN is being used currently apart from Guest SSID tunnelling(GRE) to Anchor controller.
IAP are currently run as only pure APs without any VPN or firewall functions.
Yes as you suggested we are getting Partner advice, but it is taking a while, as they are pretty busy.
Thanks for assisting.
12-05-2014 11:39 AM
It sounds like a good design to me - somewhat like our own.
We have 100+ remote locations with 10-18 iAP each - managed from Airwave.
We have 5 locations with 1000-140 AP each - managed from controllers (1 per site with backup from HQ) and minitored from Airwave.
We use Clearpass for corporate cert-based AAA and Controller based guest Auth over GRE tunnels as well.
We're planning to use Clearpass for the guest auth soon.
if I've helped, please give kudos
if I've provided a solution, please mark the solution so others can find it