Hello Christian,
I understand your problem. And yes, with MPLS, the vendor is usually just creating a VLAN and putting both ends of your connections onto it. In which case, encryption is really not their problem. I have a mix of MPLS and VPNs for my remote sites.
In the event of an unencrypted pipe, you can set up your access points to handle encryption for you. Extreme gives you several choices there. Here is a screenshot ...
So for my VPN sites, I leave it to Disabled. No sense in double-encrypting and creating more overhead. For an MPLS site, I set it to "Encrypt control & data traffic between AP & Controller". It works quite well!
Note that you can make that setting in several places. You can pick APs one at a time and set it. You can select a dozen or more and choose to do a multi-edit. Or the best way is to build up sites in your configuration, and then whatever you set on a site is automatically pushed out to your APs.
Hope that helps!