01-10-2008 10:58 AM - edited 07-03-2021 03:11 PM
Can someone give me a good reason to use a seperate controller in a DMZ for guest users versus just trunking a DMZ VLAN to the controller. Certainly it makes sense to have a guest controller when you DMZ is not accessable to the controller locations (or you have a bunch of remote locations, but only one internet connection), but in the event that the controllers are located in a place that it can hit the DMZ is there a good reason to use a guest controller.
01-10-2008 02:51 PM
The only good reason I've seen is to have guest access outside of your corporate network. Some companies aren't sold on letting guests connect inside their firewall and relying on access lists (and/or even NAC), for security. I can't think of any other reason.
01-10-2008 02:55 PM
I'm not even sure if that is a good reason. You can alway trunk to another non-routed VLAN and stick a cable modem and firewall to give guest user access. I'm working with someone now that thinks this is the way to go, but I've got to add a 4402-12, a switch (need GB connectivity for the controller) at a minimum. Again, it would make perfect sense if the location of the internet was not in the same building.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide