Buy or Renew
Buy or Renew
Cisco Virtual Engineer generative AI bot now active in Wireless Discussion Forum. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
454
Views
5
Helpful
6
Replies

Will this work?

hnhoang33
Level 1
Level 1

‎05-24-2007 11:12 AM - edited ‎07-03-2021 02:07 PM

Hello All,

I'm hoping that someone here on the forum can help me with a possible solution.

I have a small network with a Cisco 1200 AP. Is it possible 2 have 2 SSID's on the AP? One for guests and one for internal LAN users?

My thought was to create 2 VLAN's on our 4510 switch and place ACL's on the VLAN's. On the guest VLAN I would block everything but basic internet traffic (web browsing, ftp, email, etc)

On the internal LAN it would be open for everything.

Would this work? I'm not sure how DHCP would work as well, but I'm hoping you gurus out there can help someone new out.

Please by all means feel free to make any suggestions. I just wanted to have a decent secure wireless network for guest users, while still protecting my internal network.

Thanks for your time.

Labels:
0 Helpful
6 Replies 6

scottmac
Level 10
Level 10

‎05-24-2007 01:51 PM

It should work as you describe. Update you AP code to current before you start ... older code had some ugly bugs and security issues.

If you are not much of a "command line person," you can configure everything through the WebGUI.

For DHCP, you'd need either a DHCP server with one scope each if you intend to keep the VLANs completely separate (i.e., no router / layer 3 device) or, if you will use a router for inter-VLAN routging, you can define two scopes on the same DHCP server, and put "IP HELPER" on the router interface closest to the AP (pointing to the DHCP server).

A third option might be to use a server with an 802.1q-capable NIC or two interfaces, one interface on each VLAN.

There are a bunch of variables that depend on your actual topology and implementation.

Good Luck

Scott

hnhoang33
Level 1
Level 1
In response to scottmac

‎05-31-2007 08:35 AM

Hello Mr.McKenzie,

Thank you for the prompt response. I appreciate it greatly.

As someone who is getting into networking and deploying these type of solutions, its greatly appreciated.

If I have any questions, I'll be sure to respond here.. All the best!

0 Helpful

tpelley
Level 1
Level 1

‎05-31-2007 08:22 AM

I too am deploying an almost identical set up using a 1200 series AP. The AP is a stand alone and authenticates users against a FreeRADIUS server.

I would like guests to be automatically sent to a web page to accept terms of use before being allowed to connect, much the same as a public hot spot or hotel.

Now for the fun part! I have two weeks and essentially no budget to get this up and running.

Any suggestions would be greatly appreciated.

0 Helpful

Rob Huffman
Hall of Fame
Hall of Fame

‎05-31-2007 10:11 AM

Hi Scott,

Nice work here as always! 5 points from Calgary :)

Take care,

Rob

PS: that must have been a short vacation......

0 Helpful

scottmac
Level 10
Level 10
In response to Rob Huffman

‎05-31-2007 03:58 PM

Thanks Rob!

Yeah, you know the story, they only let us out for a couple hours at a time, no sharp or pointy objects ... ;=)

I was off for ~a week ... spent a few days up in Black River Falls, Wisconsin with some friends.

Thanks again (Nice write-up & picture, BTW)

Scott

0 Helpful

Rob Huffman
Hall of Fame
Hall of Fame
In response to scottmac

‎06-01-2007 04:43 AM

Hi Scott,

Yes,we will probably need to be re-trained if away from the fort for too long! I've heard great things about Wisconsin (I hope to make some day)

Thanks for the nice comments (you are up next I'm sure and I'm looking forward to seeing it)

Take care,

Rob

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card