Network Architecture
Mg. Leonel Hernandez
Cisco UWN Architecture
1. WLAN Technologies
2. Cisco UWN Architecture Concepts
3. LWAP and CAPWAP
4. Roaming
5. Radio Management and RF Groups
6. WLAN Design
7. Lab: RAP and MAP topology
WLAN Technologies
• WLAN applications include inside-building access, LAN extension, outside
building-to-building communications, public access, and small office/home
office (SOHO) communications.
• The first standard for WLANs was IEEE 802.11, approved by the IEEE in
1997.
• The current specification is IEEE 802.11-1999, with many amendments
thereafter.
Cisco UWN
• Local mode: This is the default mode of operation. In this mode, every
180 seconds the AP measures noise floor and interference, and scans
for IDS events. This scanning activity occurs on unused channels and
lasts for 60 milliseconds.
• Hybrid Remote Edge AP (H-REAP) mode: This mode enables an
LWAP to reside across a WAN link and still be able to communicate
with the WLC and provide the supported on Cisco 1130, 1140, 1240AB,
and 1250AG series LWAPs.
• Monitor mode: Monitor mode is a feature designed to allow specified
CAPWAP-enabled APs to exclude themselves from handling data
traffic between clients and the infrastructure. They instead act as
dedicated sensors for location-based services (LBS), rogue AP
detection, and intrusion detection (IDS). When APs are in Monitor
mode, they cannot serve clients and continuously cycle through all
configured channels, listening to each channel for approximately 60
ms.
AP Modes (Cont)
■ Rogue detector mode: LWAPs that operate in Rogue Detector mode monitor for
rogue APs. They do not transmit or contain rogue APs. The idea is that the rogue
detector (RD) should be able to see all the VLANs in the network, because rogue
APs can be connected to any of the VLANs in the network. (Therefore, we connect it
to a trunk port.) The LAN switch sends all the rogue AP/client MAC address lists to
the RD. The RD then forwards those to the WLC to compare with the MAC
addresses of clients that the WLC APs have heard over the air. If the MAC addresses
match, the WLC knows that the rogue AP to which those clients are connected is on
the wired network.
■ Sniffer mode: A CAPWAP that operates in Sniffer mode functions as a sniffer and
strength, packet size, and so on. The Sniffer feature can be enabled only if you run
AiroPeek, a third-party network analyzer software that supports decoding of data
packets.
■ Bridge mode: The Bridge mode feature on the Cisco 1130 and 1240 series
(typically indoor usage) and 1500 APs (typically outdoor mesh usage) provides cost-
effective, high-bandwidth wireless bridging connectivity. Applications supported are
point-to-point bridging, point-to-multipoint bridging, point-to-point wireless access with
integrated wireless backhaul, and point-to-multipoint wireless access with integrated
wireless backhaul.
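The comparison described under Rogue detector mode, sketched as an added example (not Cisco's code and not from the original slides): MAC addresses the RD learned on its trunk port are matched against clients heard over the air on BSSIDs that are not managed by the WLC. Function names, data shapes, and all MAC addresses and VLAN numbers are constructed assumptions.

```python
import re
from collections import defaultdict

def normalize_mac(raw):
    """Return a MAC as 12 lowercase hex digits, or None if malformed."""
    digits = re.sub(r"[.:\-]", "", raw.strip()).lower()
    return digits if re.fullmatch(r"[0-9a-f]{12}", digits) else None

def rogues_on_wire(wired_macs, air_sightings, managed_bssids):
    """Correlate wired and over-the-air sightings (hypothetical helper).

    wired_macs:     (vlan, mac) pairs the RD learned on its trunk port
    air_sightings:  (bssid, client_mac) pairs heard by the WLC's APs
    managed_bssids: BSSIDs of the WLC's own APs, which are never rogue
    Returns {rogue_bssid: sorted [(vlan, client_mac), ...]}.
    """
    managed = {normalize_mac(b) for b in managed_bssids}
    wired = defaultdict(set)
    for vlan, mac in wired_macs:
        m = normalize_mac(mac)
        if m is not None:  # skip malformed entries instead of failing
            wired[m].add(vlan)
    findings = defaultdict(set)
    for bssid, client in air_sightings:
        b, c = normalize_mac(bssid), normalize_mac(client)
        if b is None or c is None or b in managed:
            continue
        # A client of an unmanaged BSSID that is also seen on a wired VLAN
        # means that rogue AP is attached to the wired network.
        for vlan in wired.get(c, ()):
            findings[b].add((vlan, c))
    return {b: sorted(v) for b, v in findings.items()}

# Constructed sample data; switches and controllers print MACs differently.
WIRED = [(10, "0200.0000.00a1"), (20, "02-00-00-00-00-B2"), (30, "not-a-mac")]
AIR = [
    ("02:00:00:aa:00:01", "02:00:00:00:00:a1"),  # unmanaged AP, client on VLAN 10
    ("02:00:00:aa:00:02", "02:00:00:00:00:c3"),  # unmanaged AP, client not on wire
    ("02:00:00:bb:00:01", "02:00:00:00:00:b2"),  # managed AP, ignored
]
MANAGED = ["02:00:00:bb:00:01"]

if __name__ == "__main__":
    for bssid, hits in rogues_on_wire(WIRED, AIR, MANAGED).items():
        print(f"rogue {bssid} is on the wired network: {hits}")
```

The second unmanaged BSSID is still a rogue heard over the air, but with no wired match it is not reported as attached to the LAN.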
AP Modes (Cont)
LWAPP Discovery of WLC
WLAN Authentication
Wireless clients first associate to an AP. Then wireless
clients need to authenticate with an authentication server
before the AP allows access to services. As shown in the figure,
the authentication server resides in the wired infrastructure. An
EAP/RADIUS tunnel is established between the WLC and the
authentication server. Cisco’s Secure Access Control Server (ACS)
using EAP is an example of an authentication server.
WLC Components