I've done a number of controller-based installations in residential locations. Recently I attempted using IAP-103's and it didn't go well at all. Luckily I had a 7005 controller and just converted all of the IAP's to campus AP's. The issue I experienced was once I configured the first IAP & it rebooted one of two things happened. First either the new SSID wasn't appearing and couldn't connect to it with my laptop. Second, the newly provisioned AP couldn't communicate with the other 6 AP's. Essentially I was able to get the first IAP provisioned & working most of the time, but adding the subsequent IAP's wasn't working at all.
All of the documentation I've read explains clearly how to setup the very first IAP, but I haven't found anything solid that explains adding the rest of the IAP's to the new cluster. Am I missing something simple here. I keep hearing that this is supposed to be totally easy, but my experience was anything but. Also, when you're dealing with multiple VLANs, what is the best practice for switchport configuration?
Also, as far as residential & Instant are concerned, I'd love to hear what others have used for routers in this type of deployment. Thanks in advance!
Yan, it was 188.8.131.52. Country code was US. DHCP was configured on the 7005 controller which was only operating as a router/firewall and not a WLC initially.
In this scenario, the AP's & wired/wireless clients are all on the same VLAN. Probably the most frustrating part of the process was that once I configured that first IAP, it seemed like it took an extremely long time for my Windows 8 laptop to associate with the new configured SSID. I suppose its possible it was related to an issue with my laptop. Anyone else run into this?
Most likely what you were running into was broadcast traffic on that flat network interfering with the beacons between the APs to establish discovering and joining the cluster. The wireless performance can even be impacted if the traffic on the wire is not properly segmented.
It is a best practice to create a dedicated management VLAN just for the IAPs. This VLAN would be your native or untagged VLAN on the switch port. The APs will need to get their DHCP service from this VLAN and this VLAN would be the one ideally that you would configure the virtual controller IP to be on.
Create other VLANs dependent on the customer requirements and tag these VLANs on the switchports supporting the APs. You can address directing user traffic to these VLANs within your configuration on the APs. It can be a static assigment per SSID or per user role.
Depending on what is on that flat network you might want to potentially even segment the wired traffic to improve performance for other systems.
We have installed the IAPs in several residential/assisted living/hospitality environments and it works really well if you follow best practices.
Thanks, Michael. I will definitely do the untagged VLAN going forward for the IAP's. What sort of routers do you like to use in conjunction with IAPs? Specifically in either residential or small commercial deployments.
Clayman,In smaller deployments we like the Fortinet line of UTM devices. In larger ones we opt for Palo Alto.Michael McNameeSenior Network Engineerwww.securedgenetworks.com
At Aruba, we believe that the most dynamic customer experiences happen at the Edge. Our mission is to deliver innovative solutions that harness data at the Edge to drive powerful business outcomes.
© Copyright 2021 Hewlett Packard Enterprise Development LPAll Rights Reserved.