Solved

Cisco WCL5500 Web authentication for guest network

Posted on 2012-04-11
7
449 Views
Last Modified: 2012-05-01
i have configure wireless access with web authentication for guest network.
i'm able to grap IP and autheticate at web but cannot go internet..

previously the setup in the network is in layer 3 vlan, now we remove all vlan. and we need to reconfigure the wireless ssid.

does the traffic have to go through core switch with vlan routing..? or the guest traffic can just natted to manegement interface to internet..?


tks
0
Comment
Question by:hell_angel
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
7 Comments
 
LVL 12

Assisted Solution

by:ryan80
ryan80 earned 250 total points
ID: 37832508
if you have multiple SSIDs, you will need to use VLANs to separate the traffic. Additionally this is the secure was to do it.
0
 

Author Comment

by:hell_angel
ID: 37832577
can i use 1 of the interface at controller and connect to my firewall..? from there  i can create new zone..

Vlan is not an option for customer at this point of time..
0
 
LVL 12

Expert Comment

by:ryan80
ID: 37832735
If the Access point is only going to be used for the guest wifi, than you can do that. If you need to have multiple SSIDs on the one AP, then you will need VLANs.

If you can plug it directly in to the firewall, the firewall might be able to use VLANS (most small business firewalls can) and trunking.
0
Webinar: MariaDB® Server 10.2: The Complete Guide

Join Percona’s Chief Evangelist, Colin Charles as he presents MariaDB Server 10.2: The Complete Guide on Tuesday, June 27, 2017 at 7:00 am PDT / 10:00 am EDT (UTC-7).

 

Author Comment

by:hell_angel
ID: 37833297
this going to be multiple ssid, for internal staff users and guest..
so only VLAN on core switch is possible..?
0
 
LVL 12

Expert Comment

by:ryan80
ID: 37833317
you should be able to just use VLANs on the firewall as long as the guest SSID only needs internet access.
0
 

Author Comment

by:hell_angel
ID: 37833354
but my firewall just still need to have connection to controller directly right?
0
 
LVL 46

Accepted Solution

by:
Craig Beck earned 250 total points
ID: 37834029
If you connect the controller to the firewall directly you will need to create ap-manager interfaces for each port you connect to the network.  This will mean you have to disable LAG and is a nightmare if you've never done it before.

Create an interface and assign a new VLAN ID for the Guest traffic on the controller and set that as the interface on your Guest SSID.  The trunk you already have from the controller to the core will pass traffic on the new VLAN (providing you haven't pruned any).  Create the new VLAN at your core but with NO SVI.  Attach a new interface from your Firewall to the new VLAN and give it an IP address so clients use the firewall as their gateway (this disables routing across your core by guest users but lets them route via the firewall).
0

Featured Post

Upcoming Webinar: Percona XtraDB Cluster 6/21 10am

Join Percona’s MySQL Practice Manager Kenny Gryp and QA Engineer, Ramesh Sivaraman as they present Percona XtraDB Cluster, Galera Cluster, MySQL Group Replication on Wednesday, June 21, 2017 at 10:00 am PDT / 1:00 pm EDT (UTC-7).

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

PRTG Network Monitor lets you monitor your bandwidth usage, so you know who is using up your bandwidth, and what they're using it for.
DECT technology has become a popular standard for wireless voice communication. DECT devices are not likely to be affected by other electronic devices and signals because they operate in a separate frequency-band.
This Micro Tutorial will show you how to maximize your wireless card to its maximum capability. This will be demonstrated using Intel(R) Centrino(R) Wireless-N 2230 wireless card on Windows 8 operating system.
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…

728 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question