📘 CCNA 200-301 v1.1
2.6 Describe Cisco Wireless Architectures and AP modes
When we talk about Cisco Wireless, we are talking about how wireless networks (Wi-Fi) are built and managed using Cisco Access Points (APs) and sometimes Wireless LAN Controllers (WLCs).
Part 1: Cisco Wireless Architectures
Cisco has three main wireless architectures you need to know for the exam:
- Autonomous (Standalone) Architecture
- Controller-Based (Centralized) Architecture
- Cloud-Based Architecture (Cisco Meraki)
Let’s look at each one.
1️⃣ Autonomous (Standalone) Architecture
🔹 Definition
In an autonomous setup, each Access Point (AP) works independently.
It makes all decisions by itself — it handles configuration, management, and security on its own.
🔹 Key Points
- Each AP is configured manually (IP address, SSID, security, etc.).
- There is no central controller.
- Useful for very small networks (like one office or lab room).
- Configuration and updates must be done on each AP individually.
- Troubleshooting is harder because there’s no central view.
🔹 Communication
Clients connect directly to each AP. The AP handles:
- Authentication
- Encryption
- Roaming decisions
- QoS (Quality of Service)
🔹 Disadvantages
- High management effort
- No centralized control or monitoring
- Not scalable for large networks
2️⃣ Controller-Based (Centralized) Architecture
🔹 Definition
In this model, Access Points (APs) are controlled by a central device called a Wireless LAN Controller (WLC).
The WLC manages all the APs on the network.
🔹 Key Components
- Access Points (APs) — lightweight, do not store full configuration.
- Wireless LAN Controller (WLC) — central management and control.
- Network Management System (like Cisco Prime) — optional tool for monitoring.
🔹 How It Works
- Each AP connects to the WLC (usually over the wired network).
- The AP sends all management and control information to the WLC.
- The WLC handles:
- Configuration
- Security policies
- RF (Radio Frequency) management
- Roaming
- Load balancing
The AP only focuses on transmitting and receiving wireless signals.
🔹 Benefits
- Centralized configuration — one place to manage all APs.
- Easier troubleshooting.
- Scalable — supports hundreds or thousands of APs.
- Automatic channel and power management by WLC.
🔹 Terminology: “Lightweight Access Point (LAP)”
In this architecture, APs are called Lightweight APs because they depend on the controller.
3️⃣ Cloud-Based Architecture (Cisco Meraki)
🔹 Definition
In this model, the APs are managed via the cloud using a web dashboard.
There is no physical WLC in your network — everything is managed through Cisco’s Meraki Cloud.
🔹 Key Points
- Configuration and monitoring are done through the Meraki Dashboard (web portal).
- APs automatically connect to the cloud after being powered and connected to the internet.
- Cloud stores configurations and policies.
- Updates and analytics are also managed from the cloud.
🔹 Benefits
- Very easy to deploy and manage.
- Centralized management for multiple sites globally.
- Automatic updates from Cisco.
- Requires internet connectivity to the cloud.
🧭 Summary of Architectures
| Feature | Autonomous | Controller-Based | Cloud-Based (Meraki) |
|---|---|---|---|
| Management | Local (per AP) | Centralized via WLC | Centralized via Cloud |
| Scalability | Small | Medium to Large | Large/Global |
| AP Type | Autonomous AP | Lightweight AP | Cloud-managed AP |
| Controller | None | On-premises WLC | Cisco Cloud |
| Config Method | CLI/Web on each AP | GUI/CLI on WLC | Web Dashboard |
| Internet Required | No | No | Yes |
Part 2: Cisco Access Point (AP) Modes
When using Lightweight APs in a Controller-Based Architecture, the AP can operate in different modes, depending on the role it needs to play.
Let’s go through the main AP modes you must know for the exam.
1️⃣ Local Mode
- Default mode for most Cisco APs.
- Provides wireless service to clients.
- AP sends all client traffic to the WLC through a CAPWAP tunnel.
- AP also periodically stops transmitting for a few milliseconds to scan nearby channels for interference or rogue APs.
Use Case: Normal indoor wireless operation in offices, campuses, etc.
2️⃣ FlexConnect Mode
- Used for remote sites or branch offices where the WLC is at a central location (like HQ).
- The AP can still serve clients even if the WLC connection is lost.
Two modes:
- Connected Mode: WLC is reachable — AP behaves like Local mode.
- Standalone Mode: WLC is not reachable — AP handles clients locally (authentication, traffic forwarding).
Use Case: Remote offices connected via WAN.
3️⃣ Monitor Mode
- The AP does not provide wireless service to clients.
- It only listens to the air to detect:
- Rogue APs
- Intrusions
- Interference
- Other networks
Use Case: Wireless security monitoring.
4️⃣ Sniffer Mode
- The AP captures 802.11 wireless frames and sends them to a network analyzer like Wireshark.
- Used by network engineers for troubleshooting and packet analysis.
Use Case: Deep troubleshooting of wireless communication.
5️⃣ Rogue Detector Mode
- The AP is connected only to the wired network (not transmitting wireless signals).
- It looks for rogue APs by comparing wired MAC addresses with known authorized APs.
Use Case: Detect unauthorized APs plugged into the wired network.
6️⃣ Bridge Mode
- Used to connect two networks wirelessly — acts as a wireless bridge.
- Typically used in outdoor point-to-point or point-to-multipoint links.
Use Case: Connect two buildings or network segments via wireless link.
7️⃣ SE-Connect (Spectrum Expert Connect) Mode
- AP connects to a Spectrum Analyzer tool to analyze RF spectrum.
- Helps find RF interference sources (like other wireless devices).
Use Case: RF troubleshooting and analysis.
🧭 Summary of AP Modes
| AP Mode | Description | Provides Wi-Fi? | Common Use |
|---|---|---|---|
| Local | Normal client service via WLC | ✅ | Offices, campuses |
| FlexConnect | Remote site APs with backup mode | ✅ | Branch offices |
| Monitor | Scans for rogue APs & interference | ❌ | Security monitoring |
| Sniffer | Captures wireless frames | ❌ | Packet analysis |
| Rogue Detector | Detects rogue APs via wired network | ❌ | Security |
| Bridge | Connects networks wirelessly | ✅ | Outdoor links |
| SE-Connect | RF spectrum analysis | ❌ | RF troubleshooting |
✅ Final Exam Tips
- Know the 3 architectures and their main differences.
- Understand what a WLC does and how Lightweight APs depend on it.
- Memorize each AP mode and its purpose — very common CCNA exam question.
- Know that FlexConnect allows APs to continue working if they lose contact with the controller.
- Be clear that Monitor, Sniffer, Rogue Detector, and SE-Connect do not provide Wi-Fi service to clients.
