Saturday, January 9, 2016

Priming your Cisco access points before deployment

     Access point deployment can become a huge problem if your environment is one where an engineer designs, an admin configures, and a tech deploys, while a group of electricians pull the CAT5 or CAT6 cable. Too many hands in the deployment makes for multiple opportunities to have complications. It will also prove to take longer to resolve issues when troubleshooting.

     One great way to rule out the access point itself as the problem (if problems arise) is to prime the access points before handing them off to the Tech for deployment.

     When priming an access point, you take care of a lot of things up front that could go wrong in the field. One is code upgrade.

     When an access point comes out of the box, it may or may not have the same code your controller is running. Once an access point comes up and finds a controller, it upgrades or downgrades its code to match the controller it has associated to. You can do this before  deployment and avoid errors by handling it in a controlled lab environment.

     Naming the Access Point

     Another thing that is pretty cool to do ahead of time is naming the access point. Outside of placing a label on the access point, you can also name it so that when it comes up in the controller you can match it with your design document and know that that one particular deployment was successful. This will be of great help to you in large deployments. Especially those where you have multiple facilities over a large campus. Your design document should reflect access point models and names so you can reference the name latter if troubleshooting needs to take place. Quickly identifying an access point will speed up your troubleshooting process.

     Redundancy

     Another option is setting primary, secondary, and tertiary controllers for each access point. With the HA pairing option now, not many are using these options, but it is still a good fail safe to set in place in the event the HA pair may glitch on you. (can't have too many redundancies). I say if it's available, use it.

     Type of deployment

     During the priming stage, you can also pre-set an access point to a local mode access point, or several other modes available for deployment that allows an access point to monitor the network. It is good to pre-set these modes and verify they are correctly set before handing the access points off to the tech staff for deployment.

     Mesh Access Points

     When deploying Mesh access points, you have to pre-configure some things before the controller will recognize some access point models. The 1520, 1530, 1550, etc... all have to be added to the MAC Filtering table under the security tab before they will come up on your controller. This is a security feature that helps protect against rogue access points joining your network through your mesh deployments.

     Priming the mesh access point allows you to set the AP to a root or non-root AP before sending it to the field and you can even test the bridge connectivity to verify the two will communicate.

     By performing these priming steps in a lab environment, you can be confident that the access point isn't the problem once it is deployed and problems arise. You also have name comparison to help locate APs during troubleshooting sessions, and when deploying bridges, your priming stage has already verified communication between the two units before they are installed.

    Ruling out Just a BAD Access Point

     Not often, but sometimes an access point will come out of the box with a defect of some sort that needs to be addresses. I have wiped the flash and reloaded it in order to fix out of the box issues, but not all the issues can be fixed. You don't want to send an access point into the field and it come out of the box defective and your field tech stuck with dealing with it. You will wind up walking them through this remotely and probably still face delays by getting a replacement sent out anyway.

     Priming the access points will eliminate sending defective units out for deployment.

     If you don't prime, you're wasting time. Safe yourself and others a lot of headaches up front.


Brett Hill, CWNE #147

2 comments:

  1. This comment has been removed by a blog administrator.

    ReplyDelete
  2. This comment has been removed by the author.

    ReplyDelete