12-05-2007 07:51 AM - edited 07-03-2021 03:03 PM
We have multiple AP's with a mgt VLAN, internal VLAN, and guest VLAN. The AP's connect to our switch core, but I need to secure our internal network from the guest wireless. Guest wireless should only go out to Internet.
Attached is our AP and Switch configs.
12-12-2007 11:15 AM
There are various authentication methods available with Cisco APs to secure your guest and internal network. You can use 802.1x based WPA authentication on your internal network and WPA-PSK on your guest network. Here is a document which has information on the different authentication mechanisms available with Cisco APs.
http://www.cisco.com/en/US/docs/wireless/access_point/12.2_15_JA/configuration/guide/s15auth.html
12-20-2007 03:20 PM
Isolate the guest by L2 vlan all the way to your firewall/router virtual interface and use ACL/FW rules to permit access only to internet...
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: