What is LWAPP? | GigMocha Defines

What is LWAPP? | GigMocha Defines

A massive wireless network infrastructure contains many components. One of these components is the Lightweight Access Point Protocol (LWAPP). So, what is LWAPP?

LWAPP is the bridge between an Access Point (AP), Wireless LAN Controller (WLC), and the wireless LAN (WLAN). It’s how these devices communicate with each other. LWAPP makes the wireless connection faster, more secure, and stable.

How does LWAPP work? What’s the mechanism that makes it tick? How does it fit in the wireless network infrastructure? That’s what you’ll know (and more) by reading this blog post.

What Is LWAPP Exactly?

Cisco describes LWAPP as “an Internet Engineering Task Force (IETF) draft protocol that defines the control messaging for setup and path authentication and run-time operations. LWAPP also defines the tunneling mechanism for data traffic.

Wireless networks grow fast, and they can’t function properly without some additional components. Access points help extend the wireless connection around your organization.

For example, a large hospital needs an equally efficient wireless network to keep things running smoothly. The wireless network must handle all the traffic, from storing medical records, keeping communication going, to retrieving patient information.

When you’re talking about a WLAN of this magnitude, you’re talking about many APs that require configuration, monitoring, and maintenance.

So, how do you keep the integrity of your vast network when APs aren’t enough? How do you secure it and keep it whole? LWAPP!

The larger the network gets, the more malfunction is likely to happen.

LWAPP solves the scalability issue. It was designed to remove those obstacles while making network management less painful. Furthermore, LWAPP is an additional layer of security.

LWAPP is a vital component in such massive networks because it helps in coordination. However, in some cases, an autonomous AP is better.

In short, LWAPP is a communication protocol between wireless network hardware. It facilitates communication between WLC, AP, and the controller.

The Big Concepts Of LWAPP

  • Do security and policy functions between AP and WLC.
  • Reduce load on AP by doing advanced functions separately.
  • Perform security functions such as authentication, encapsulation, and encryption for wireless traffic.
  • Gather, organize, and manage AP configuration in one place.

LWAPP is the bridge between AP and WLC. It makes communication possible.

Like signposts, wireless networks depend on them to communicate without the need for more configuration. So, LWAPP transfers the primary pattern and carries out the instructions regardless of how big the wireless network gets.

These signposts provide a gateway to the network that users can use to connect to the network. Thus, users can access the AP from a single point.

Then, the AP can decide where to direct the traffic and to which point in the network.

An autonomous AP can’t direct traffic without LWAPP, especially in large networks. LWAPP bridges that gap by providing an uninterrupted connection.

How Does LWAPP Work?

Without LWAPP, this communication between AP and WLC wouldn’t be possible. It’s vital each step of the way.

Furthermore, LWAPP divides the workload between the AP and WLC:

  1. AP searches for active WLCs to connect to.
  2. When it finds a valid WLC, it tries to join it.
  3. Once connected, the AP checks whether its software version is compatible with the WLC.
  4. If not, the AP starts a software upgrade.
  5. When the upgrade is complete, the AP reboots and repeat step #1 and #2.
  6. The AP starts receiving the configuration from the WLC if the software is compatible.
  7. If the received configuration contains new information, the AP might reboot again and repeat steps #1 and #2.
  8. When the AP gets the correct configuration, it starts running normally to service clients.
  9. The AP also regularly sends security information back to the WLC for processing.

LWAPP Traffic Types

LWAPP has two primary traffic types.

  • Control: It manages, encrypts, and authenticates traffic between AP and WLC. The functions include firmware upgrades, configurations, and session management. Port 12222.
  • Data: It creates a secure wireless tunnel between the AP and WLC. Port 12223
  • Layer 2: The communication between AP and WLC is through native 802.3 Ethernet frames.
  • Layer 3: LWAPP operates through IP/User Datagram Protocol (UDP).

Layer 2 is outdated today, and most networks rely on Layer 3 communication where the APs and WLC have IP addresses.

Benefits Of LWAPP

As the network infrastructure grows, you get security, scalability, and management problems. By allowing 802.11 functionality split between the AP and WLC, LWAPP solved many problems associated with fast-growing wireless networks.

Easier Network Management

Managing AP is one of the biggest benefits of LWAPP.

Before LWAPP, you needed to monitor each AP separately. It was a huge pain when you had hundreds of APs distributed over a large building.

While the Wireless LAN Solution Engine (WLSE) made it easier, APs still worked separately.

With WLCs and LWAPP, it’s much easier to manage the AP. Now, you can manage all your APs from one single WLC.

That way, you can configure all devices with one configuration. APs can gather and send data for aggregation. And you can coordinate between Radio Frequency devices and APs.

Since a WLC has more computing power than a single AP, it can coordinate with other WLCs in the network much faster.

Scaling Your Network

When AP management is simple, you can expand your network with more WLCs instead of APs.

You no longer need to monitor individual units because LWAPP-based WLC can centralize network administration.

LWAPP also separates ongoing LAN traffic and wireless traffic. Thus, network planning and handling traffic are more scalable.

More Security

Because wireless traffic goes to the WLC, it’s easier to analyze it. It’s also easier to inspect the incoming and outgoing traffic.

The WLC also acts as an authenticator. All it takes is configuring one device, and LWAPP will distribute the configuration to APs in the network.

In case of someone breaking into an AP, they can’t extract the full configuration. Furthermore, nobody can change the configuration from the AP.

To make changes, you need to change the WLC primary configuration over LWAPP-encrypted channels.


So, that was all about LWAPP.

It’s a small network component that plays a vital role in keeping the network’s integrity. It’s the protocol that connects the AP to the WLC.

Recent Posts