12-05-2007 07:51 AM - edited 07-03-2021 03:03 PM
We have multiple AP's with a mgt VLAN, internal VLAN, and guest VLAN. The AP's connect to our switch core, but I need to secure our internal network from the guest wireless. Guest wireless should only go out to Internet.
Attached is our AP and Switch configs.
12-12-2007 11:15 AM
There are various authentication methods available with Cisco APs to secure your guest and internal network. You can use 802.1x based WPA authentication on your internal network and WPA-PSK on your guest network. Here is a document which has information on the different authentication mechanisms available with Cisco APs.
http://www.cisco.com/en/US/docs/wireless/access_point/12.2_15_JA/configuration/guide/s15auth.html
12-20-2007 03:20 PM
Isolate the guest by L2 vlan all the way to your firewall/router virtual interface and use ACL/FW rules to permit access only to internet...
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide