GUEST LAN BUGS in 4.X and 5.X

Unanswered Question
May 19th, 2008
User Badges:

There are some issues with the guest lan feature in all releases.

1) No CLI command to set Peer-Blocking

2) Enabling DHCP REQUIRED in the GUI prevents any settings to be saved. It works in CLI.


Can anyone tell me what a GUEST-LAN client's default gateway should be? Is it the IP of the egress interface or the IP of the upstream router ?


Thanks

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
mchin345 Fri, 05/23/2008 - 12:34
User Badges:
  • Silver, 250 points or more

I think you are talking about Guest VLAN. When you configure a guest VLAN, clients that are not 802.1x-capable are put into the guest VLAN when the server does not receive a response to its EAPOL request/identity frame.

http://www.cisco.com/en/US/docs/switches/lan/catalyst3750/software/release/12.2_20_se/configuration/guide/sw8021x.html#wp1026004

armonk_netdesk Thu, 05/29/2008 - 12:24
User Badges:

No, I am talking about wired Guest-Lan capability in releases starting with 4.1.


Another bug I just found in the new 4.130 release is that when the controller is rebooted it enables AUTO-ANCHOR on the GUEST-LAN and there is no way to disable it. Here is the SHOW output. Notice that AUTO-ANCHOR is enabled and no mobility anchor controllers are configured.....


(Cisco Controller) >show guest-lan 1



Guest LAN Identifier............................. 1

Profile Name..................................... Wired-Guest

Network Name (SSID).............................. Wired-Guest

Status........................................... Enabled

AAA Policy Override.............................. Disabled

Number of Active Clients......................... 0

Exclusionlist Timeout............................ 300 seconds

Session Timeout.................................. 36000 seconds

Interface........................................ wired-guest-out

Ingress Interface................................ wired-guest-in

WLAN ACL......................................... unconfigured

DHCP Server...................................... Default

DHCP Address Assignment Required................. Enabled

Quality of Service............................... Bronze (background)

Radius Servers

Authentication................................ 172.20.192.150 1812

Accounting.................................... 172.20.192.150 1813

Security


Web Based Authentication...................... Enabled

--More-- or (q)uit

ACL............................................. Unconfigured

Web-Passthrough............................... Disabled

Conditional Web Redirect...................... Disabled

Auto Anchor................................... Enabled


Mobility Anchor List

GLAN ID IP Address Status

------- --------------- ------



Actions

This Discussion

 

 

Trending Topics: Other Wireless Mobility

client could not be authenticated
Network Analysis Module (NAM) Products
Cisco 6500 nam
reason 440 driver failure
Cisco password cracker
Cisco Wireless mode