Solved

Cisco WCL5500 Web authentication for guest network

Posted on 2012-04-11
7
420 Views
Last Modified: 2012-05-01
i have configure wireless access with web authentication for guest network.
i'm able to grap IP and autheticate at web but cannot go internet..

previously the setup in the network is in layer 3 vlan, now we remove all vlan. and we need to reconfigure the wireless ssid.

does the traffic have to go through core switch with vlan routing..? or the guest traffic can just natted to manegement interface to internet..?


tks
0
Comment
Question by:hell_angel
  • 3
  • 3
7 Comments
 
LVL 12

Assisted Solution

by:ryan80
ryan80 earned 250 total points
ID: 37832508
if you have multiple SSIDs, you will need to use VLANs to separate the traffic. Additionally this is the secure was to do it.
0
 

Author Comment

by:hell_angel
ID: 37832577
can i use 1 of the interface at controller and connect to my firewall..? from there  i can create new zone..

Vlan is not an option for customer at this point of time..
0
 
LVL 12

Expert Comment

by:ryan80
ID: 37832735
If the Access point is only going to be used for the guest wifi, than you can do that. If you need to have multiple SSIDs on the one AP, then you will need VLANs.

If you can plug it directly in to the firewall, the firewall might be able to use VLANS (most small business firewalls can) and trunking.
0
How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

 

Author Comment

by:hell_angel
ID: 37833297
this going to be multiple ssid, for internal staff users and guest..
so only VLAN on core switch is possible..?
0
 
LVL 12

Expert Comment

by:ryan80
ID: 37833317
you should be able to just use VLANs on the firewall as long as the guest SSID only needs internet access.
0
 

Author Comment

by:hell_angel
ID: 37833354
but my firewall just still need to have connection to controller directly right?
0
 
LVL 45

Accepted Solution

by:
Craig Beck earned 250 total points
ID: 37834029
If you connect the controller to the firewall directly you will need to create ap-manager interfaces for each port you connect to the network.  This will mean you have to disable LAG and is a nightmare if you've never done it before.

Create an interface and assign a new VLAN ID for the Guest traffic on the controller and set that as the interface on your Guest SSID.  The trunk you already have from the controller to the core will pass traffic on the new VLAN (providing you haven't pruned any).  Create the new VLAN at your core but with NO SVI.  Attach a new interface from your Firewall to the new VLAN and give it an IP address so clients use the firewall as their gateway (this disables routing across your core by guest users but lets them route via the firewall).
0

Featured Post

Scale it in WD Gold

With up to ten times the workload capacity of desktop drives, WD Gold hard drives employ advanced technology to deliver among the best in reliability, capacity, power efficiency and performance.

Join & Write a Comment

Suggested Solutions

Title # Comments Views Activity
WAP requirements 5 38
VLAN ip for Cisco switch 11 55
No internet 10 33
Server Room Hardware 5 48
Every server (virtual or physical) needs a console: and the console can be provided through hardware directly connected, software for remote connections, local connections, through a KVM, etc. This document explains the different types of consol…
Join Greg Farro and Ethan Banks from Packet Pushers (http://packetpushers.net/podcast/podcasts/pq-show-93-smart-network-monitoring-paessler-sponsored/) and Greg Ross from Paessler (https://www.paessler.com/prtg) for a discussion about smart network …
This Micro Tutorial will show you how to maximize your wireless card to its maximum capability. This will be demonstrated using Intel(R) Centrino(R) Wireless-N 2230 wireless card on Windows 8 operating system.
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

757 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

22 Experts available now in Live!

Get 1:1 Help Now