Cisco Wireless Architectures Overview and Examples

There are different Cisco wireless architectures that we can use in our networks. The most common architectures are Autonomous AP, Cloud-based, and Split-MAC architectures.


Autonomous AP Architecture

From the name itself, Autonomous Architecture means ‘in charge of everything.’ It is a standalone management Cisco Wireless Access Point architecture. All of these listed roles below are handled by the Autonomous AP for this kind of wireless architecture.

  •  Approval of association requests
  • Transmitter power management
  • (RF) Radio Frequency management
  • (BSS) Basic Service Set Management

You can see in the image below that there is a different VLAN running on the connections. Let us say VLAN A is for the office employees’ VLAN to connect to their company software. VLAN B is for the guests that will have limited access. The Autonomous AP could broadcast two different SSIDs. Having this kind of setup, since the APs have all the tasks, you may need to log in to every AP to configure it, both on the initial design and every time you need to update the configuration, such as adding VLAN to support wireless clients.

Cisco Wireless Architecture


Because of the tedious task of logging in individually on every AP, AP management is complex in this case. To make it easier, Cisco introduced centralized management software solutions, such as:

  • Cisco DNA (Digital Network Architecture) Center
  • Cisco Prime Infrastructure

The tasks are still heavy on the Access Points. The only difference is that they will be easier to configure as the software is installed on one of the computers, ideally the server. You will have a dashboard for easier visibility of the current configuration of the APs.


Cloud-Based AP Architecture

Network scalability is one of the biggest concerns for wireless architecture when a company is growing. As for the Autonomous AP architecture, scaling is possible. However, it is more complicated. Cisco saw this issue and introduced a cloud-based wireless architecture called the Cisco Meraki, a Cisco unified wireless network solution. Here are the key characteristics of a Cloud-based AP architecture:

  • Cloud-based – The software is not on the premise but the server farms of the provider
  • Management task of the AP is moved to the Cloud
  • The AP does only real-time data forwarding tasks

Cisco Wireless Architecture: Cloud-Based AP


Split-MAC Architecture

Both Cloud-based wireless architecture and centralized management solutions are good improvements of Cisco wireless network architectures. However, the Access Points remain Autonomous. This means that the portability of your wireless clients still cannot transfer from one Access Point to another seamlessly. They have an independent network and SSID. The goal is to make the wireless network have flexible client roaming.
There are many things to consider when deploying multiple Autonomous APs in one area. The administrator must manage the area to avoid overlapping by working the transmit power. Aside from this, it would help if you also control the channels to prevent channel interference.


Wireless LAN Controller (WLC)

With Split-MAC architecture, we will need a Wireless LAN Controller (WLC). This will enable users to roam freely from one access point to another without disconnecting. This architecture offers an Extended Service Set (ESS).

By using Wireless LAN Controllers, all of the management functions of the APs will be moved and be centralized on the WLC. How is this different from cloud-based? In cloud-based, the APs are still autonomous. Although you can configure the APs easier, it does not include the management processing of the APs, and it simply collates the settings, making a good dashboard for a more straightforward configuration.

The Access Points will be on Lightweight Access Point (LAP) mode. Lightweight Access Points are APs that depend on a WLC for the processing of the management tasks. A Lightweight Access Point Protocol (LAPP) is used for management.


CAPWAP Tunnels

CAPWAP stands for Control and Provisioning of Wireless Access Points. In every wireless network of WLC going to and LAP, there will be two CAPWAP Tunnels. The minimum requirement to build this tunnel is for the wireless LAN controllers to ping the management IP address of the Lightweight AP.CAPWAP


The CAPWAP Control Tunnel is responsible for CAPWAP Control messages which are data packets used to configure and manage its operation. Has data encryption so that the corresponding LAP will be the only one that can connect to its respective WLC. This uses UDP port 5246.

Data traffic is traveling to and from the wireless clients are transported to the CAPWAP Data Tunnel. The packets here are not encrypted but are still protected with Datagram Transport Layer Security (DLTS) to secure wireless connectivity for wireless users. UDP 5247 is the port that this tunnel use.

Download our Free CCNA Study Guide PDF for complete notes on all the CCNA 200-301 exam topics in one book.

We recommend the Cisco CCNA Gold Bootcamp as your main CCNA training course. It’s the highest-rated Cisco course online with an average rating of 4.8 from over 30,000 public reviews and is the gold standard in CCNA training: