Specifications
Adaptive AP
10-5
10.1.8 Securing Data Tunnels between the Switch and AAP
If a secure link (site-to-site VPN) from a remote site to the central location already exists, the AAP
does not require IPSec be configured for adoption.
For sites with no secure link to the central location, an AAP can be configured to use an IPSec tunnel
(with AES 256 encryption) for adoption. The tunnel configuration is automatic on the AAP side and
requires no manual VPN policy be configured. On the switch side, configuration updates are required
to adopt the AAP using an IPSec tunnel.
To review a sample AAP configuration, see Sample Switch Configuration File for IPSec and
Independent WLAN on page 10-16.
10.1.9 Adaptive AP Switch Failure
In the event of a switch failure, an AAP's independent WLAN continues to operate without disruption.
The AAP attempts to connect to another switch (if available) in background. Extended WLANs are
disabled once switch adoption is lost. When a new switch is discovered and a connection is secured,
an extended WLAN can be enabled.
If a new switch is located, the AAP synchronizes its configuration with the located switch once
adopted. If Remote Site Survivability (RSS) is disabled, the independent WLAN is also disabled in the
event of a switch failure.