Same problem I ran into... if each site is Firewalled then tunneling traffic back to the local network becomes a problem for local access. The only problem with out Firewalled Sites is that you traverse the WAN twice.
This has nothing to do with security as much as it does traffic flow. Scott -----Original Message----- From: Frank Bulk [mailto:[EMAIL PROTECTED] Sent: Tuesday, June 05, 2007 10:23 AM To: Voll, Scott; Dan; [email protected] Subject: RE: [c-nsp] wireless lan controller and remote ap With all due respect, what does a firewall have to do with this? Are you treating wireless as an insecure medium and placing it outside the firewall? With WPA-Enterprise/802.1X there's no reason wireless can't be as secure, if not more secure, than your wired network which is likely not running 802.1X on each switch port. Frank -----Original Message----- From: Voll, Scott [mailto:[EMAIL PROTECTED] Sent: Tuesday, June 05, 2007 10:14 AM To: Dan; [EMAIL PROTECTED]; [email protected] Subject: RE: [c-nsp] wireless lan controller and remote ap If I had to be perfectly honest......I hate making changes to 24 AP.... 50 would really be a pain. If this is a School district..... why do they have to have local access. Is each school Firewalled? Someone did recommend multiple controllers for redundancy which is a good Idea. But if the schools are not Firewalled then you should be able to make it work without HREAP. Just my two cents. Scott -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Dan Sent: Monday, June 04, 2007 5:13 PM To: [EMAIL PROTECTED]; [email protected] Subject: Re: [c-nsp] wireless lan controller and remote ap Thanks for the info, Well there is a few reasons that I wanted to go with cisco instead of a different company, but my mind isn't made up. So as far as I can tell, i'm limited to 8 access points if i use H-REAP. Controllers at each site is definitly out of the budget range. I'm interested in the rouge access point security (I know some kid or better yet a staff member will try to bring in there own ap). With 50 AP's i'm not to worried about being able to push out configs to each access point. If I had to make a change to all of them I could fine the time. The other concern I had is that without a controller what security options do I have? Are there other things I should be looking into or planning for? Thanks, Dan. Frank Bulk wrote: > Right, it just depends how much Dan really wants to go with Cisco. Or > fumble through H-REAP. > > Frank > > -----Original Message----- > From: Voll, Scott [mailto:[EMAIL PROTECTED] > Sent: Monday, June 04, 2007 5:27 PM > To: [EMAIL PROTECTED]; Dan; cisco-nsp > Subject: RE: [c-nsp] wireless lan controller and remote ap > > Unless you have a bunch of AP's at each site........ $$$ wise it > doesn't make sense to spend the dollars for controllers at each site > IMHO. > > Scott > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Frank Bulk > Sent: Monday, June 04, 2007 3:13 PM > To: 'Dan'; cisco-nsp > Subject: Re: [c-nsp] wireless lan controller and remote ap > > As Scott already posted, H-REAP is Cisco's distributed AP solution. You > could deploy the smaller 4400's at each location or consider the 3750G > with its wireless support. If that doesn't work for you, you'll have to > consider another vendor. > > Aerohive, Colubris, Meru, and Trapeze all have such > distributed/edge-switching architectures. See the last half of this > column: > http://tinyurl.com/2cs2bb > for more details. > > Regards, > > Frank > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Dan > Sent: Monday, June 04, 2007 3:04 PM > To: cisco-nsp > Subject: [c-nsp] wireless lan controller and remote ap > > Hello, > > I'm interested in deploying a wireless lan in a school district. There > are 19 buildings connected via wireless bridges. I need about 45 access > > pointed in total and I was looking at the 4400 series of wireless lan > controllers. I was wondering if it is possible to have one controller > centrally located and have remote access points in the buildings managed > > by the controller. The only catch is I don't want all of the traffic > going back to the wireless lan controller, I would like the network > traffic to go back to the main switch, because the users will be logging > > in locally, and just the management traffic to go back to the > controller. > > I have been getting different answers from many people including cisco > pre-sales, so I was wondering if anyone had real work experience with > this type of application? > > Please let me know if I was not clear. > Thanks, > Dan. > > _______________________________________________ > cisco-nsp mailing list [email protected] > https://puck.nether.net/mailman/listinfo/cisco-nsp > archive at http://puck.nether.net/pipermail/cisco-nsp/ > > _______________________________________________ > cisco-nsp mailing list [email protected] > https://puck.nether.net/mailman/listinfo/cisco-nsp > archive at http://puck.nether.net/pipermail/cisco-nsp/ > > _______________________________________________ cisco-nsp mailing list [email protected] https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ _______________________________________________ cisco-nsp mailing list [email protected] https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
