Fancomkish as an Iranian technology based company is active in field of providing ICT solutions and products for enterprise customers such as Oil & Gas, Bank, etc. Fancomkish is dealing with several most leading ICT global suppliers.

Get In Touch

No.3, 6th alley, sabunchi St., Shahid Beheshti St., Tehran,Iran
Fax: +9821 88536919
Phone: +9821 96861740-5
Postal Code : 1533655513
Home  /  Wifi  /  Access Controllers  /  ACU2 Access Controller Unit
FanCom Kish 22-100x100  fancomkish

ACU2 Access Controller Unit

Huawei Access Controller Unit 2 is a value-added service unit used on a chassis switch and provides access control capabilities on WLAN networks of large enterprises. A chassis switch with an ACU2 provides both wireless and wired service capabilities, reducing space occupied and cables in equipment rooms and lowering network construction cost.

• 40 Gbit/s forwarding capability
• 2048 access points
• 32K users
• 1+1 hot backup

Category: .
this product was shared 0 times
  • توضیحات
  • characteristic
  • specification
  • Deployment scenarios


FanCom Kish 253740-1  fancomkish


FanCom Kish 253740-2  fancomkish

1USB interface1Connects to a USB flash drive to transfer configuration files.
2Console interface1Provides a serial interface. To configure the ACU2 locally, you can log in to the local ACU2 by connecting a cable between the serial interface on the host and the console interface on the ACU2.
3Console interface1Provides a GE interface. To configure the ACU2, you can log in to the ACU2 through Telnet.
4GE interface3Reserved interface




High access capacity and processing capability

An ACU2 can manage a maximum of 2048 APs (packet forwarding over 2048 tunnels) and supports a maximum of 32K STAs.
The ACU2 provides nearly 40 Gbit/s line-speed forwarding capacity.

Independent service unit, facilitating centralized deployment and capacity expansion

The ACU2 provides access control capabilities on an enterprise wireless network. An aggregation switch with ACU2s provides both wireless and wired service capabilities, reducing space occupied and cables in equipment rooms and lowering network construction cost.
You can install multiple ACU2s on a switch to manage Nx2048 APs. (N is the number of ACU2s.)

Flexible user policy management and authority control capabilities

The ACU2 implements per-user access control based on ACLs, VLAN IDs, and bandwidth limits sent from the RADIUS server.
You can define user groups for users of different rules and apply access control policies to the user groups. Access of users in a user group is controlled based on the ACL, user isolation policy, and bandwidth limit applied to the user group. You can configure inter-group user isolation or intra-group user isolation as required to implement access control.

Visualized WLAN network management and maintenance

The ACU2 and APs establish a fit AP+AC networking for centralized AP management, facilitating network management and maintenance. Huawei AC and AP products support standard Link Layer Discovery Protocol (LLDP), which helps display topology of wired and wireless networks for visualized management and maintenance.

Physical Specifications

Board dimensions35.56 mm x 380.00 mm x 378.45 mm (height x width x depth
Maximum power consumption168 W
Board weight3.2 kg

System Configuration

ProcessorTwo multi-core CPUs. Each CPU is configured with 16 cores. The dominant frequency is 600 MHz.
DDR2 DRAM16 GB (8 bit, 2 x 4 GB). Each CPU is connected to a 8-GB memory.
Flash64 MB
Forwarding capability40 Gbit/s

Protocol and Management Capabilities

Number of managed APs2K
Number of access usersEntire device: 32K
Single AP: a maximum of 256 (depending on the AP model)
Number of MAC address entries32K
Number of VLANs4K
Number of routing entries16K
Number of ARP entries32K
Number of multicast forwarding entries 2K
Number of DHCP IP address pools256 IP address pools, each of which contains a maximum of 16K IP addresses
Number of local users1000
Number of ACLs32K
Number of ESSIDs8K
User group management128 user groups
Each user group can reference a maximum of eight ACLs.
Each user group can associate with a maximum of 128 ACL rules.

Wireless Networking Capabilities

Networking between APs and ACsAPs and ACs can be connected through a Layer 2 or Layer 3 network.
APs can be directly connected to an AC.
APs are deployed on a private network, while ACs are deployed on the public network to implement NAT traversal.
ACs can be used for Layer 2 bridge forwarding or Layer 3 routing.
Forwarding modeDirect forwarding (distributed forwarding or local forwarding)
Tunnel forwarding (centralized forwarding)
Centralized authentication and distributed forwarding
Before users are authenticated, tunnel forwarding is used. After users are authenticated, local forwarding is used.
Wireless networking modeWDS bridging:
Point-to-point (P2P) wireless bridging
Point-to-multipoint (P2MP) wireless bridging
Automatic topology detection and loop prevention (STP)
Wireless mesh network
Access authentication for mesh devices
Mesh routing algorithm
Go-online without configuration
AC discoveryAn AP can obtain the device's IP address in any of the following ways:
Static configuration
The AC uses DHCP or DHCPv6 to allocate IP addresses to APs.
DHCP or DHCPv6 relay is supported.
On a Layer 2 network, APs can discover the AC by sending broadcast CAPWAP packets.
CAPWAP tunnelCentralized CAPWAP
CAPWAP control tunnel and data tunnel (optional)
CAPWAP tunnel forwarding and direct forwarding in an extended service set (ESS)
Datagram Transport Layer Security (DTLS) encryption, which is enabled by default for the CAPWAP control tunnel
Heartbeat detection and tunnel reconnection
Active and standby ACsEnables and disables the switchback function.
Supports load balancing.
Supports 1+1 hot backup.
Supports N+1 backup.

Application Scenarios

The ACU2 is connected to an aggregation switch in chain or branched mode.

The ACU2 processes both control flows and data flows. Management flows must be transmitted over Control And Provisioning of Wireless Access Points (CAPWAP) tunnels. Data flows can be transmitted over CAPWAP tunnels or not, as required.

The CAPWAP protocol defines how APs communicate with ACs and provides a general encapsulation and transmission mechanism for communication between APs and ACs. CAPWAP defines data tunnels and control tunnels.

Data tunnels encapsulate 802.11 data packets to be sent to the AC.

Control tunnels transmit control flows for remote AP configuration and WLAN management.

Two forwarding modes are available according to whether data flows are transmitted on CAPWAP tunnels:

Direct forwarding: is also called local or distributed forwarding.

Tunnel forwarding: is also called centralized forwarding. It is usually used to control wireless user traffic in a centralized manner.

Typical Networking of the ACU2

Deployment of the ACU2 in a WLAN (AC + fit AP) networking:

FanCom Kish 253740-41  fancomkish

Different from an individual case-shaped AC, the ACU2 is installed on a switch. The ACU2 supports two deployment modes:

Layer 2 chain deployment mode: as shown above in the left part of Figure

The ACU2 is installed on an aggregation switch to manage APs connected to the aggregation switch directly or through an access switch.

In this deployment mode, the network between aggregation switches (ACs) and APs is a Layer 2 network.

Layer 3 branched deployment mode, as shown above in the right part of Figure

The ACU2 is installed on an aggregation switch other than the aggregation switch connected to APs. APs communicate with the ACU2 through the local aggregation switch. In this deployment mode, the network between ACs and APs is a Layer 3 network.

ACU2Forwarding Mode

FanCom Kish 253740-5  fancomkish

Direct Forwarding

In direct forwarding mode, wireless user service data is translated from 802.3 packets into 802.11 packets, which are then forwarded by an uplink aggregation switch.

The branched networking mode is often used on enterprise networks. Wireless user service data does not need to be processed by an AC, eliminating the bandwidth bottleneck and facilitating the usage of existing security policies. Therefore, this networking mode is recommended.

Tunnel Forwarding

In tunnel forwarding mode, wireless user service data is transmitted between APs and ACs over CAPWAP tunnels.

Both control flows and service data flows are transmitted in CAPWAP tunnels. APs send data packets to the switch where the ACU2 is installed, and the ACU2 decapsulates the packets and forwards the packets.

Traffic from wireless users under all APs is aggregated to the AC through CAPWAP tunnels to implement centralized traffic control.