Cisco AP Modes

When we’re deploying APs in lightweight mode, there are a number of operational modes the AP can run in. In this lesson, we’re going to take a look at the different AP modes available within Cisco APs.

Exam Topic

3.0 Infrastructure

  3.3 Wireless

    3.3.b Describe AP modes and antenna types

Overview

When our APs have been deployed in lightweight mode, there are a number of different functions the AP can perform.

The AP mode can be changed once the AP is associated to a WLC. This can be amended under the AP configuration, as outlined in the figure below;

Cisco AP Modes

The modes available for our APs are;

  • Local
  • FlexConnect
  • Monitor
  • Rogue Detector
  • Sniffer
  • Bridge / Mesh
  • Flex + Bridge
  • SE-Connect
  • Sensor

Local

This is the default AP mode when a lightweight AP is associated with a WLC.

An AP in local mode will create a CAPWAP tunnel back to the WLC that will be used for all traffic. This includes both management and client traffic.

INSERT IMAGE HERE…

The figure above provides an overview of a local AP connecting to our WLC.

A limitation with this AP mode is that the AP must be associated to the WLC at all times. If the connection to the WLC is lost, the AP will be unable to forward any client traffic.

Whilst an AP isn’t transmitting wireless frames for clients, it continues to perform the following tasks;

  • Measure RF noise
  • Measure RF interference
  • Detect rogue devices
  • Check for IDS event matches

It’s worth noting that this AP mode is not available on virtual WLCs.

FlexConnect

Although APs in local mode can be used at remote locations, the preferred method is to use FlexConnect. The benefit of FlexConnect is that if our AP loses connection to the WLC, it can continue to operate.

Where a local AP will CAPWAP all client traffic back to the WLC to be forwarded, a FlexConnect AP can forward this traffic locally. 

It’s worth noting that our AP will still maintain a CAPWAP tunnel back to the WLC for management purposes.

INSERT IMAGE HERE…

In our figure above, MN-AP01 is configured in FlexConnect mode. It has then established a CAPWAP tunnel back to MN-WLC01 for management purposes.

We then have two clients associated; Client A and Client B.

Unlike in local mode, traffic from Client A to Client B is switched locally at the AP.

Monitor

Whilst an AP is deployed within monitor mode, the AP will not transmit any frames. As such, an AP deployed within monitor mode is unable to service clients.

Instead, it dedicates the radios within the AP to complete the following tasks;

  • Measure RF noise
  • Measure RF interference
  • Detect rogue devices
  • Check for IDS event matches
  • Perform location-based services (RTLS)

Bridge / Mesh

An AP is set up in bridge mode when we want to create a point-to-point or point-to-multipoint connection between two networks.

This mode is also referred to as ‘Mesh Mode’ as it also provides the ability to create a mesh network between APs.

I like to remember this AP mode by picturing two remote islands. To be able to get across and access the remote island, you’d need a bridge. However, instead of two islands, we’re connecting two or more remote networks.

To provide some context, let’s take a look at two examples;

Flex + Bridge

Now that you understand both the FlexConnect and Bridge modes, the Flex + Bridge mode merges them together.

It allows us to use the functionality of FlexConnect APs when using our APs for bridge or mesh purposes.

SE-Connect

When an AP is configured in SE-Connect mode, the AP does not serve any clients. Instead, all radios within the AP are dedicated to spectrum analysis on all channels. This includes both 2.4GHz and 5GHz.

The data collected via the AP can then be analysed via MetaGeek Chanalyzer or Cisco Spectrum Expert.

This mode is predominantly used for troubleshooting purposes. It allows sources of RF interference to be discovered remotely.

Sniffer

Similar to SE-Connect, APs in sniffer mode do not serve any clients. Instead, the AP will dedicate all of its radios to receiving 802.11 traffic.

The traffic that’s captured can then be used for troubleshooting purposes. Traffic from the AP is forwarded to a client running a network analyser tool, like Wireshark.

Rogue Detector

If an AP is configured in rogue detector mode, it does not serve any clients. Instead, it is used to detect rogue devices within your RF environment.

This is achieved by correlating MAC addresses that are seen on the wired network to those heard by the AP.
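
The correlation described above, sketched in Python as an added example (it is not part of the original lesson and is not Cisco's implementation). The function names, the sample MAC addresses and the optional adjacency match, which goes beyond the exact match the lesson describes, are assumptions made for illustration.

```python
import re

def normalize_mac(mac):
    """Reduce aa:bb:.., AA-BB-.. or aabb.ccdd.eeff notation to 12 lowercase hex digits."""
    digits = re.sub(r"[:.\-]", "", mac.strip()).lower()
    if not re.fullmatch(r"[0-9a-f]{12}", digits):
        raise ValueError(f"not a MAC address: {mac!r}")
    return digits

def correlate(wired_macs, heard_over_air, managed_macs=(), adjacency=0):
    """Return (air_mac, wired_mac, kind, description) for each over-the-air MAC
    that also appears on the wired network.

    wired_macs     -- MACs seen on the wire (for example, ARP source addresses)
    heard_over_air -- dict of MAC -> description for devices the APs heard
    managed_macs   -- our own devices, excluded from the result
    adjacency      -- also match wired MACs within this numeric distance
                      (assumption: some devices number their wired and radio
                      interfaces consecutively)
    """
    wired = sorted({normalize_mac(m) for m in wired_macs})
    managed = {normalize_mac(m) for m in managed_macs}
    findings = []
    for mac, description in heard_over_air.items():
        air = normalize_mac(mac)
        if air in managed:
            continue  # our own infrastructure is expected on both sides
        for w in wired:
            distance = abs(int(w, 16) - int(air, 16))
            if distance <= adjacency:
                kind = "exact" if distance == 0 else "adjacent"
                findings.append((air, w, kind, description))
    return findings

# Constructed sample data (addresses from the RFC 7042 documentation range).
WIRED = ["0000.5e00.5310", "00:00:5E:00:53:21", "00-00-5e-00-53-30"]
MANAGED = ["00:00:5e:00:53:30"]
AIR = {
    "00:00:5e:00:53:10": "client of an unknown BSSID",
    "00:00:5e:00:53:20": "unknown BSSID",
    "00:00:5e:00:53:30": "managed AP radio",
    "00:00:5e:00:53:99": "neighbouring network",
}

if __name__ == "__main__":
    for air, wire, kind, description in correlate(WIRED, AIR, MANAGED, adjacency=1):
        print(f"rogue on wire: air={air} wired={wire} match={kind} ({description})")
```

A device heard over the air that never matches a wired MAC, such as the neighbouring network in the sample, is not flagged.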