Cisco_Wireless
Hi,
We are having Cisco wireless in our network. I have the below requirement :-
1) To create a new guest SSID profile for open internet access where it should not be asked for any username and password.
2) This open access should be for 4000 people.
3) Please suggest what subnet i need to select when i will be creating a open wireless access for 4000 users.
4) The users should get the IP's from DHCP automatically.
Please let me know if there is anything else which i need to take care.
Please help !!!!
We are having Cisco wireless in our network. I have the below requirement :-
1) To create a new guest SSID profile for open internet access where it should not be asked for any username and password.
2) This open access should be for 4000 people.
3) Please suggest what subnet i need to select when i will be creating a open wireless access for 4000 users.
4) The users should get the IP's from DHCP automatically.
Please let me know if there is anything else which i need to take care.
Please help !!!!
IanTh
you may want to put them onto a vlan so they are not 'on' your lan just get on to the internet if thats what your attempting
ASKER
I have to just provide the open Internet wireless access.
About what size area will these 4000 devices be spread across?
Because you will likely need upwards of 100 APs (each with their own separate 20Mb internet feed, allowing each device approximately 512Kb of bandwidth... about half of what it takes to stream youtube videos without stuttering) to connect 4000 devices at once.
If you really mean 4000 people, you should plan on many more than 4000 devices, as a LOT of people have cell phones and personal media devices that connect to WiFi, too... so from 4000 people, you might well see 10,000 devices connecting.
Because you will likely need upwards of 100 APs (each with their own separate 20Mb internet feed, allowing each device approximately 512Kb of bandwidth... about half of what it takes to stream youtube videos without stuttering) to connect 4000 devices at once.
If you really mean 4000 people, you should plan on many more than 4000 devices, as a LOT of people have cell phones and personal media devices that connect to WiFi, too... so from 4000 people, you might well see 10,000 devices connecting.
and charge for it as thats going to be expensive
ASKER
There will be 4000 people in one big common hall and the requirement will be of normal browsing.
From technical point of view could you suggest me the steps and what should i take care of it.
From technical point of view could you suggest me the steps and what should i take care of it.
You would need at least a /20 network (255.255.240.0) if you chose a single VLAN. This will give you 4094 addresses. However I would generally use the next mask up, which would be a /19 (255.255.224.0), giving you 8190 addresses.
Purely from the Cisco Wireless side of things, I'd strongly suggest the use of the following methods:
1] Use PSPF to block intra-client communucations, and
2] Consider using AP VLAN groups.
Each feature will help to improve the performance of the Guest Wireless service, as simply creating one SSID and attaching it to a single VLAN will create one single massive broadcast domain. Using PSPF will stop the network from being used to share files and spread virii, etc.
You should use a separate router to provide internet services to the Guest network so you reduce the risk of Guests accessing your private network. If you push all the Guests through your core switch or router you risk allowing access as a result of not securing the VLAN properly.
Purely from the Cisco Wireless side of things, I'd strongly suggest the use of the following methods:
1] Use PSPF to block intra-client communucations, and
2] Consider using AP VLAN groups.
Each feature will help to improve the performance of the Guest Wireless service, as simply creating one SSID and attaching it to a single VLAN will create one single massive broadcast domain. Using PSPF will stop the network from being used to share files and spread virii, etc.
You should use a separate router to provide internet services to the Guest network so you reduce the risk of Guests accessing your private network. If you push all the Guests through your core switch or router you risk allowing access as a result of not securing the VLAN properly.
ASKER
Thanks. Do you have any link on how to create a new SSID on wireless controller.
ASKER
Hi All,
We configured the new VLAN for the new SSID. Everything looks fine.
But the problem is that users are getting the IP address via DHCP.
When we try to give the static IP it works fine. But we are not getting the IP address from DHCP. Please suggest what could be the possible reason for the same.
Thanks.
We configured the new VLAN for the new SSID. Everything looks fine.
But the problem is that users are getting the IP address via DHCP.
When we try to give the static IP it works fine. But we are not getting the IP address from DHCP. Please suggest what could be the possible reason for the same.
Thanks.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.