Designing Cisco Enterprise Wireless Networks (ENWLSD) — Question 172

A community bank has three campus locations and one HQ with the data center operations. Each campus location has four Cisco Catalyst 9120 APs. The data center has a Catalyst 9800 WLC with eight Catalyst 9120 APs. Poor WAN uplinks cause impacted branch AP and wireless client connectivity back to HQ, and each campus location is now planned to have its own EWC controller based on C9120 AP to keep traffic local. This new design must accommodate these requirements:
• Guest WLAN will be routed locally.
• Employee WLAN must be authenticated 802.1x PEAP via HQ data center ISE but can pass traffic locally once authenticated.
• HQ WLC will be the primary backup WLC for each WLC.

Which design approach should the consulting engineer take?

Answer options

• A. Two C9120 campus APs must be converted to EWC mode, one for the active controller and the other for standby with HQ WLC set as N+1 backup. The campus guest WLAN will use the guest anchor to HQ WLC for guest VLAN access, and employee WLAN will need the HQ AAA server to be added to EWC and then use that to perform the 802.1x authentication.
• B. One C9120 campus AP must be converted to EWC mode, and the preferred controller is set to that AP with HQ WLC should be paired as mobility peer and configured as N+1 backup. The campus guest WLAN will use local web auth on guest VLAN. The campus employee WLAN will need the guest anchor back to the HQ employee WLAN.
• C. Two C9120 campus APs must be converted to EWC mode, one for the active controller and the other for standby set as N+1 backup. The campus guest WLAN will use local web auth on guest VLAN, and employee WLAN will need the HQ AAA server added to EWC.
• D. One C9120 AP in each campus must be converted to EWC mode, and the preferred controller is set to that AP with HQ WLC set as N+1 backup. The campus guest WLAN will use local web auth on guest VLAN, and employee WLAN will need the HQ AAA server to be added to EWC.

Correct answer: D

Explanation

The correct answer is D because it provides a suitable configuration for local traffic handling while ensuring that the HQ WLC serves as a backup. Options A and C incorrectly suggest a setup that does not meet the requirement of having one AP per campus as the EWC controller. Option B fails to align with the need for dual APs in EWC mode across campuses.