Wireless Access

Reply
Occasional Contributor II
Posts: 51
Registered: ‎02-20-2012

RAP's and SSID's

Hi all,

I've setup a RAP at one of our campuses with 2 virtual AP's (2-WLAN's); 1 for guests and 1 for staff. Things are working well but now I need to rollout another 10 RAP's to our other locations. I'm thinking those RAP's should be configured the same way as the orginal (broadcasting same SSID's, same AAA profiles, etc...)

 

Just wondering if anyone has an opinion on this and what sort of gotcha's I might be up against in the future. For example, if campus "A" wants their password changed for the staff network, that will effect all other campuses staff network correct?

 

Also, if i got this route, I will need to change the name of the AP Group to better reflect our setup (ie, I might call it: RAP group). Is there any way of doing this?

 

Sorry in advance if I've left out some important info but I'm really new at this stuff - what I can tell you is:

 

we have: 1 - 3600 controller and 16 AP's; 10 of which will be RAP's and have been whitelisted.

Regular Contributor I
Posts: 171
Registered: ‎04-13-2009

Re: RAP's and SSID's

Im not sure if there is simple way to rename an AP group. You can duplicate it from CLI by doing a show run, copying out the profile, and rename it in a text editor and paste it back in. Then reassign your RAPs to this group, and delete the original. I would like to know a better way if it exists.

 

As for what issues you might have when you have more RAPs, all settings in the AP group are shared. In the future if you want to add specific WLANs to one site but not others you would have to create a new AP Group, and modify the settings you want under that. In your example, yes all the site would share one key, so to change it at only one site I would follow these steps:

 

1. Duplicate your AP Group and make a more descriptive name

2. Browse to the settings you want to change, make the change, and use the Save-As option to create a new profile for the section you are editing(to prevent changes to the profile associated with the original AP Group)

3. Save your changes and reprovision the RAP into the new AP Group.

 

Good Luck,

 

-ELiasz

-------------------
ACDX, ACCP, CISSP, CWNA
Aruba Employee
Posts: 117
Registered: ‎09-21-2010

Re: RAP's and SSID's

In addition to Eliasz's recommendation you can also do these:

 

One of the easiest ways to rename the AP group is the cloning option on the CLI

 

(MC1-Sunnyvale-3600) (config) #ap-group <name of the new AP group>

 

(MC1-Sunnyvale-3600) (AP group "new") #clone <the AP group that has to be cloned>

 

 Say you have an AP group called RAP-ap-group and you have 10 RAPs in that group, Now if one AP has to use an additonal SSID or a different password for one of the current SSIDs then , an easy option to do this is using the AP specific configuration. 

 

If you want employee SSID on RAP 9 to use a different password then create a new VAP with new SSID profile (this will have the new password) and AAA profile (you can use the old AAA profile). Now this new VAP can be added only to RAP-9 and the old VAP can be removed from only RAP-9 using the AP specific config.

 

However, if  5 out of 10 RAPs  require password change on the employee SSID or require an additional SSID, then it is better to create a seperate AP group. In this case depending on the number of changes required you can either clone and edit the AP groups or create new AP groups.

 

ap-specific-1.png

 

 

 

ap-specific-2.png

 

 

Regards,

Sathya

 

 

 

 

 

Occasional Contributor II
Posts: 51
Registered: ‎02-20-2012

Re: RAP's and SSID's

Thanks for the replies,

I'm leaning towards separate AP groups just for ease of administration. Basically the AP groups will represent each individual campus (5 in 1 campus, 2 in another, etc)

 

Things is, all campuses will have the exact same SSID's (staff and guest) and I would like to share the same profiles and rules across the board.

 

Make sense?

Regular Contributor I
Posts: 171
Registered: ‎04-13-2009

Re: RAP's and SSID's

Good Idea, forgot about the Specific AP option. Also thanks for the tip with the clone command!

-------------------
ACDX, ACCP, CISSP, CWNA
Search Airheads
Showing results for 
Search instead for 
Did you mean: