Cisco Cisco Aironet 350 Mini-PCI Wireless LAN Client Adapter Design Guide
7-13
Enterprise Mobility 4.1 Design Guide
OL-14435-01
Chapter 7 Cisco Unified Wireless Hybrid REAP
Hybrid REAP
If a dedicated WLC is going to be used for an H-REAP deployment, a backup WLC should also be
deployed to ensure network availability. As with standard LAP deployments, the WLC priority should
be set on the H-REAPs to force association with the designated WLCs.
deployed to ensure network availability. As with standard LAP deployments, the WLC priority should
be set on the H-REAPs to force association with the designated WLCs.
WAN Link Disruptions
through
, certain H-REAP
modes and functionality require LWAPP control plane connectivity to the WLC. Following is a summary
of the features and functions that are impacted when the H-REAP is in Standalone mode.
of the features and functions that are impacted when the H-REAP is in Standalone mode.
EAP 802.1x and Web Auth WLANs
Existing local switched clients remain connected until the client roams or session re-authentication. No
new client authentications are permitted.
new client authentications are permitted.
Existing central switched clients are disconnected; no new client authentications are permitted.
As mentioned in
, open, static WEP, and WPA/2-PSK configured WLANs can
function in either Connected or Standalone modes and therefore are not impacted in the same way as
WLANs requiring RADIUS services, such 802.1x or web authentication. If there is a requirement for a
remote branch location to maintain wireless connectivity during WAN link disruptions, Cisco
recommends that a backup WLAN be implemented based on one of the three Layer 2 security polices
above. Of these, WPA2-PSK offers the strongest security and therefore is strongly recommended.
WLANs requiring RADIUS services, such 802.1x or web authentication. If there is a requirement for a
remote branch location to maintain wireless connectivity during WAN link disruptions, Cisco
recommends that a backup WLAN be implemented based on one of the three Layer 2 security polices
above. Of these, WPA2-PSK offers the strongest security and therefore is strongly recommended.
Other Features
The following features are unavailable when an H-REAP is in standalone mode:
•
Radio resource management except for DFS support, which is controlled locally at the H-REAP
•
Wireless intrusion detection
•
Location-based services
•
NAC
•
Rogue detection
•
AAA override
Radio Configuration
The following radio configuration information is maintained when an H-REAP is in standalone mode:
•
DTIM
•
Beacon period
•
Short preamble
•
Power level
•
Country code
•
Channel number
•
Blacklist