Cloud Controller vs Hardware controller
I am planning a transition from a 10-year-old OpenMesh system to an Omada system. My current OpenMesh setup is 100% web based, so I am considering moving to an Omada cloud-based system. The network access is voucher based. It's a high-traffic area where hundreds of people will open up the captive portal, where they will be asked to put in a voucher code to authenticate. Only about 15% of people will use a voucher code. Do the captive portal and authentication take place locally at the access point or hardware controller, or are they still managed in the cloud at the Omada server?
Also, if I use a cloud-based controller, do I still need a hardware gateway (ER605, for example), or can I just connect the APs and switches to the internet?
Would you consider a hardware controller to be faster/more efficient than the cloud-based controller?
Thanks in advance.
Pakal
For that much traffic hitting a portal, definitely go with a hardware controller (which also doesn't need device licenses) - in your case I would suggest the OC300. It isn't too expensive.
The controller handles all aspects of the portal; nothing is done on the gateway or EAPs.
You can adopt whatever devices you need; you don't have to adopt a gateway to manage access points.
Thanks for your reply. If I go with a hardware controller (OC300) I guess both the controller and all the APs have to be on the same subnet mask managed by any brand router/switch. What would be the convenience of adding an Omada gateway and/or Omada switches, if I already have other switches (although unmanaged) in place?
ACLs to control inter-VLAN communication, URL filtering, IDS / IPS, VPNs, switch ports that don't automatically put someone plugging something into a port on the management VLAN......lots of things.
For a big deployment with users in the hundreds, the ER605 wouldn't cut it; it's not designed for that.
ER7206 v2 / ER7406 / ER707-M2 would all be fine for this, ER8411 if you want higher bandwidth WAN/LAN in the future.
Switch-wise, SG2008 or higher support all Omada features like ACLs; the ES series is a basic Omada switch and has far fewer features.
Thanks, I have a couple more questions. How is the IP assignment managed by the SDN? Citing my initial post, I have the "problem" of several hundred devices connecting to the captive portal. 90% of them will not authenticate with a voucher. Is this amount of unauthenticated devices going to be a problem?
Also, can I define different SSID at an AP level, or can I have some AP with SSID1 and others with SSID2?
Can they all share the same vouchers?
Hi @Pakal
Thanks for posting here.
Also, can I define different SSID at an AP level,
>>Yes
or can I have some AP with SSID1 and others with SSID2?
>>Yes
Can they all share the same vouchers?
>>>Yes.
This is a configuration guide:
How to configure the WLAN Group function on the SDN Controller(New UI)
Citing my initial post I have the "problem" of several hundreds devices connecting to the captive portal. 90% of them will not authenticate with a voucher. Is this amount of unauthenticated devices going to be a problem?
>>>I don’t quite understand this scenario. If 90% of the clients won’t go through voucher authentication, how do you plan to authenticate them? Do you simply not allow these clients to connect to your network, or will they connect via a regular SSID with a simple password? Could you provide more details so we can better explain/suggest?
How is the ip assignment managed by the sdn?
>>> It's always the DHCP server (router) that assigns IP addresses to all the clients, neither the EAP nor the controller. Maybe I don't quite understand what you are asking. Here is an emulator of the SDN controller; you can view most features, layouts and configurations from the pages:
https://emulator.tp-link.com/emulator-v6.0/index.html#dashboard
Thanks. A client that will not authenticate with a voucher cannot go past the captive portal and will NOT be allowed to use the network. Yet, this client has already been assigned an IP address. What subnet mask is used by the gateway? Because there will be way more than 253 users connected to the walled garden.
You can assign large subnets without issue and can assign whatever IP ranges you want; nothing is fixed.
Hi @Pakal
Thanks. A client that will not authenticate with a voucher cannot go past the captive portal will NOT be allowed to use the network
>>>If a large number of clients attempt to connect to the EAP network for an extended period, it may indeed impose unnecessary load on the EAP. You can uncheck the SSID broadcasting to hide the SSID, and instruct users to manually search for the SSID when sending them the authentication code.

Regarding the IP pool concern, you can expand the broadcast domain to increase the number of assignable IPs. For example:
- Changing the subnet mask to /23 will provide 510 available IPs.
- Changing it to /22 will provide 1022 available IPs.
You can view the number of available IPs on this interface.
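
The sizing question discussed in this thread, worked through as an added example that is not part of any reply: every device that opens the portal holds a DHCP lease until it expires, whether or not a voucher is ever entered, so the pool must cover peak concurrent leases rather than authenticated users. The arrival rate, lease times, reserved-address count and headroom factor below are constructed assumptions, not values from the thread.

```python
import ipaddress
import math

def usable_hosts(prefix_len):
    """Usable IPv4 hosts in a subnet (network and broadcast addresses excluded)."""
    return ipaddress.ip_network(f"10.0.0.0/{prefix_len}").num_addresses - 2

def peak_leases(arrivals_per_min, lease_minutes):
    """Replay per-minute arrivals of new devices. Each device keeps its lease
    until expiry, authenticated or not; return the highest concurrent count."""
    expiring = {}          # minute -> leases that expire at that minute
    active = peak = 0
    for minute, new in enumerate(arrivals_per_min):
        active -= expiring.pop(minute, 0)
        active += new
        end = minute + lease_minutes
        expiring[end] = expiring.get(end, 0) + new
        peak = max(peak, active)
    return peak

def smallest_prefix(peak, reserved, headroom=1.25):
    """Smallest subnet whose usable addresses cover peak leases plus headroom,
    plus statically addressed gear (gateway, controller, APs, switches)."""
    need = math.ceil(peak * headroom) + reserved
    for prefix_len in range(30, 15, -1):
        if usable_hosts(prefix_len) >= need:
            return prefix_len
    raise ValueError("requirement exceeds a /16; split clients across VLANs")

# Constructed load: 6 new devices per minute for 3 hours, 20 reserved addresses.
ARRIVALS = [6] * 180
RESERVED = 20

if __name__ == "__main__":
    for lease in (30, 120):
        peak = peak_leases(ARRIVALS, lease)
        prefix = smallest_prefix(peak, RESERVED)
        print(f"lease {lease:>3} min: peak {peak} leases -> /{prefix} "
              f"({usable_hosts(prefix)} usable)")
```

With the same arrival rate, the 120-minute lease needs a /22 while the 30-minute lease fits in a /24, which is why lease duration matters as much as the mask on a portal network where most clients never authenticate.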

