MY80211
INTEL WIRELESS
CCIE Wireless V3
Cisco Wireless
Wired Stuff
CCIE Wireless v2
WiFi Tablet Corner
My80211 Projects
WiFi Tools
CWNP or BUST Blogs!
My80211 White Papers (Coming Soon!)

Cisco Wireless Compatibility Matrix (Nov. 2011)

Podcasts / Videos

My80211 Videos

Cisco: 802 11 frames with Cisco VIP George Stefanick

Fluke Networks: Minimize Wi Fi Network Downtime

Aruba: Packets never lie: An in-depth overview of 802.11 frames

ATM15 Ten Talk “Wifi drivers and devices”

Houston Methodist Innovates with Wireless Technology

Bruce Frederick Antennas (1/2)

 

Bruce Frederick dB,dBi,dBd (2/2)

Cisco AP Group Nugget

Info
Social Links
Revolution WiFi Capacity Planner

Blogroll Call
Cerification Guides and Books
IEEE 802.11 STANDARDS
Anchor / Office Extends Ports

 

Peek Inside Cisco's Gear

See inside Cisco's latest wireless gear!

2.4 GHz Channel Overlap

EXAMPLE 1  

EXAMPLE 2

EXAMPLE 3  

CWSP RELEASE DATE 2/08/2010
  • CWSP Certified Wireless Security Professional Official Study Guide: Exam PW0-204
    CWSP Certified Wireless Security Professional Official Study Guide: Exam PW0-204
    by David D. Coleman, David A. Westcott, Bryan E. Harkins, Shawn M. Jackman

    Shawn Jackman (Jack) CWNE#54 is a personal friend and has been a mentor to me for many years.  I've had the pleasure and opportunity to work with Jack for 4 years. Jack is a great teacher who takes complex 802.11 standards and breaks them down so almost anyone can understand the concept at hand. I'm excited for you brother. Great job and job well done! Put another notch in the belt!

IEEE 802.11a/g/n Reference Sheet

 

LWAPP QoS Packet Tagging

 

 

Interference Types

BLUETOOTH
 

Microwave Oven
 

Cordless Phone

JAMMER!
 

« WLC: Management via Wireless – Did you know ? | Main | WLC: Predownload the Image to the Access Points from the controller CLI »
Thursday
Mar032011

WLC: Internal Anchoring Solves VRF Challenge

DateThursday, March 3, 2011 at 10:53PM

Internal Anchoring -- Thinking outside of the box

Cisco’s unified guest architecture, also referenced as ‘anchoring or auto anchoring’ is a common way to provide a secured wireless guest solution in an enterprise environment. What makes this secure and unique is the native frame generated by the wireless guest never touches the network switch fabric, until it egresses the anchors outside controller port where the encapsulated frame is unwrapped. At which point, the 802.11 header is stripped and 802.3 headers are installed and the frame is placed on the wire.

You can read more about anchoring here:

http://revolutionwifi.blogspot.com/2010/10/auto-anchor-mobility-fundamentals.html

http://www.cisco.com/en/US/docs/wireless/controller/7.0/configuration/guide/c70mobil.html

Commonly, when the term ‘anchoring’ is mentioned, guest access comes to mind. However, recently I was presented with a challenge where I leveraged Cisco’s anchoring capability to solve a VRF problem. I coined it as, “internal anchoring”.

We have a very large network and deploy VRFs around our campus to segment a certain user group. We were presented with a problem where we could not access the VRF for testing purposes at our IT office, because we did not have our VRF network configured at the IT office location. 

We could have dragged the VRF to our office, which would have involved a good deal of configuration and since it was only going to be used for testing by a handful of network engineers it would have been a lot of work.

So, we did the next best thing…

The location (building), where the VRF user group lives also lives a number of Cisco WLCs supporting wireless connectivity for this VRF building. For sake of this post the WLCs living in this building will be called the VRF/WLC. 

An SSID was created on one of the VRF/WLC as WLAN: VRF_TEST. This WLAN was then anchored to itself, as normal anchoring procedure.

On the other end, at the IT office also lives a WLC. This WLC was providing wireless connectivity to the IT office.  For sake of this post the WLC living in the IT office will be called the IT OFFICE/WLC.  The WLAN: VRF_TEST was created on the IT OFFICE/ WLC and then anchored to the VRF/WLC.

This anchoring process will allow us to simply connect to the VRF_TEST at the IT office and have access to the VRF at the VRF building just like if we were physically there in person. This configuration effort took less than 5 minutes.

** Note: Mobility Group configuration was also required **

 

AuthorGeorge | CommentPost a Comment |

PrintView Printer Friendly Version

EmailEmail Article to Friend

Reader Comments

There are no comments for this journal entry. To create a new comment, use the form below.

PostPost a New Comment

Enter your information below to add a new comment.

My response is on my own website »
Author Email (optional):
Author URL (optional):
Post:
 
Some HTML allowed: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <code> <em> <i> <strike> <strong>

Notify me of follow-up comments via email.