cancel
Showing results for 
Search instead for 
Did you mean: 

We are new to Aerohive and we are trying to figure out how to proceed with our rollout. Basically, I have over 40 remote sites that will all be getting 550 access points.

We are new to Aerohive and we are trying to figure out how to proceed with our rollout. Basically, I have over 40 remote sites that will all be getting 550 access points.

frank_mullica
New Contributor

We are trying to figure out how to manage this? Do we create a separate policy for every single remote site on the network policies page and use the same SSID's and just specify different DHCP pools locally at each site? Do we create one global policy that can be pushed to all access points? Down the line, if we want to push an update to just one of our remote sites, I don't know if it is better to have a separate policy for that site on the network policies page or if it would be better to just manually select which AP's you want to update? I basically want an SSID for corporate WiFi, guest wifi(I have already configured this using the AeroHive captive web portal and that works fine at our headquarters during testing), and an SSID or two for our handheld bar code scanners. Right now in our Cisco controller world we are moving away from all the pools are on the centralized controller for each SSID in the data center but not sure now if we want to configure local pools at each site on our layer 3 switch for all, some, or none of our SSID's or if we would want to handle that back in the data center for each remote site to get via IP Helper addresses?

2 REPLIES 2

bruce_stahlin
Contributor III

We've tried both methods and prefer the one network policy/location. Then within those policies, use the same SSIDs with classifications for VLANs firewall policies, user profiles, etc. We have dhcp relays setup on the L3 switches at each facility. Feel free to reach out with any specific questions.

AnonymousM
Valued Contributor II

There is a definite benefit of having separate objects per location once you need to troubleshoot a certain area. If the configuration is not segregated then any changes made would be global although the same issue may not be present in all locations.

 

You can create separate network policies for each location. You would want to use similar or even cloned SSIDs and User Profiles. The broadcast name of an SSID can be identical for all locations but you can use a location based name for the SSID's actual name. If you have the same encryption types then this could be seamless for anyone who travels to all locations.

 

The other option available would be to use classification rules for one Network Policy that route certain configurations to certain clients based on the assignment rules. You can assign certain SSIDs based on location or the subnet of the APs. You can also assign different User Profiles based on User Groups, Client device info, or location.

 

Additional settings such as DNS and NTP servers can be applied based on classification rules as well. Although, the management and native VLANs would need to be universally accepted. The user profiles define the client side VLAN per SSID. Please let me know if you have any additional questions.

GTM-P2G8KFN