View Cart
0 Items | Total: US$0.00
Welcome,      Register

You are here

WL0037 - WLC Office Extend AP (OEAP600) (Part 1)

No votes yet
Difficulty Level: 
Lab Document: 
<Please login to see the content>
Video Download: 
Title: WL0037 - Video Download $20.00
Purchase WL0037 - Video Download $20.00
The video introduces you to the second type of Office Extend AP on Cisco Wireless LAN Controller with OEAP600. We will be configuring OEAP600 from its factory default state starting with basic AP registration security on WLC. We will also cover features such as Remote LAN and 802.1X port-based authentication that are not available on FlexConnect OEAP as well as common functionalities of Split-Tunnel (specified, and local), and personal SSID. 
Part 1 of this video covers basic configuration of OEAP600 and AP authentication
  • Office Extend AP 600 (OEAP600)
    • Physical Appearance
    • Web Interface
    • Network Configuration
    • Software Upgrade
  • AP MAC Address Authentication
  • FW Static NAT and ACL
  • AP Group
  • OEAP600 Remote LAN (with Second VLAN)
  • OEAP600 wired 802.1X Authentication with ISE
  • OEAP600 Split-Tunnel 
  • OEAP600 Personal SSID

About Author

Metha Cheiwanichakorn, CCIE#23585 (RS, Sec, SP), is a Cisco networking enthusiast with years of experience in the industry. He is currently working as a consulting engineer for a Cisco partner. As a founder of and an instructor at, Metha enjoys learning and challenges himself with new Cisco technologies.


Just wondering why you didn't anchor the oeap traffic to the internal foreign controller, is that a supported design, or maybe terminating oeap traffic in the dmz would provide better security being the traffic is originating from a remote less secured site?? thoughts/feedback?

You can terminate OEAP tunnel on any WLC as long as it is reachable from the internet. Terminating in the DMZ is usually a better design from security perspective.