09-15-2016 02:47 PM
Scenario: Small office needs at least 2 RAPs to provide wi-fi to all colleagues. The RAPs must both be wired; no remote mesh.
I thought I'd setup the 2nd RAP on a trusted port of RAP 1 and bridge or split-tunnel the WLAN traffic. Seems kinda messy though and I'm not sure I want to burn a bunch of time testing the validity of it.
I could put both RAPs behind a firewall, but our RAPs occasionally failover between different data centers. It's possible that the RAPs could end up on different controllers which would create roaming issues and I'd prefer to avoid it.
The only other thing I can think of is to turn this into an IAP deployment. Any thoughts on making two RAPs work with relative ease?
If a reply adequately addresses your issue, please click on the "Accept as Solution" and "Give Kudos" button so this information can benefit other users.
09-16-2016 01:30 AM
mm, it was my understanding roaming doesn't work -period- when using split-tunnel config and multiple RAPs.
That said, I've deployed it int he past. Just keep in mind that roles and states aren't synced so pretty much dot1x or psk only.
-- Found something helpful, important, or cool? Click the Kudos Star in a post.
-- Problem Solved? Click "Accept as Solution" in a post.