How to config cisco 4402 guest lan

Unanswered Question

I'm currently setting up a wirless lan with a Cisco 4402 Wireless Lan Controller and 1 cisco 1242AG Access points first. the access points can be discover. A couple of thing are bugging about it.

Until now, on the controller I've done that:

1. setting the interfaces:

- ap-manager - vlan untagged, IP, dynamic AP management enabled

- management - vlan untagged, IP

- service-port - IP

- virtual - IP

- vlan2 - vlan 2, IP

- guest - vlan 4, IP

2. creating 2 WLANs for internal and guest access with vlan 2 and guest interface respectively.

When using the wireless, i can find the SSID for internal WLAN, but not guest WLAN, there is no problem with internal WLAN, What's the steps to make the guest WLAN works?

How can my notebook connect to the guest WLAN by using the guest SSID?

I want to create one more interface, but i can't create it with vlan untagged, what's the problem?

Any advice will be good I guess, I am kind of stuck here.

Thank you!

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
arlincurtis Wed, 06/18/2008 - 20:49

When you created the Guest interface did you put a tick in either Quarantine or Guest LAN? As both of these need to be unchecked.

Also when you look at WLANs tab are both WLANS enabled? When you created the WLAN under "Type" did you choose Guest LAN or WLAN?

arlincurtis Wed, 06/18/2008 - 22:37

The way I did it was by creating two identical WLANS, Internal and Guest each going to two seperate interfaces and VLANs. I then created an ACL on the WLC that permited traffic only to the Internet and applied that to the Guest Interface, this works really well for me.

Whenever I tried creating a "Guest LAN" or checking the "Guest LAN" check box on the interface it never worked for me.

Check this out.

arlincurtis Wed, 06/18/2008 - 22:53

No, the configuration of the two WLANs are indentical, except they have different names, IP addresses, Interface and VLAN, E.g

SSID - "Internal" vlan 10 - -Interface -Internal

SSID - "Guest" vlan 150 - Interface - Guest

So when you're creating a guest WLAN choose "WLAN" not "Guest LAN"

arlincurtis Wed, 06/18/2008 - 23:18

..following on from above, when you create a Guest interface this is where you apply an ACL to restrict traffic to the Internet.

arlincurtis Thu, 06/19/2008 - 14:44

It's a little hard to understand what you're trying to say. On the guest or internal interface have you configured a DHCP server? Have you configured a DHCP scope for the either WLAN? What's is error you get when trying to connect to the guet WLAN with the guest interface?

When you're creating a WLAN you shouldn't use the management interface. You should be using another one of your Dynamic interfaces that you created, i.e. either the "Internal" or "Guest" interface.

If you follow the steps from the website I sent you before, you should be good to go

i can't get IP from DHCP server for guest lan, if i enter IP at the network property, it then works. i have configured a DHCP on the guest interface. should i check DHCP override or DHCP server assignment from the WLAN, guest SSID?

i can't create other interface with the same vlan as management interface now, i want to create one more interface as the same as the vlan of management interface.

Scott Fella Fri, 06/20/2008 - 19:14

This shows that the client is failing authentication and since you have client exclusion enabled, you get this error. You need to fix the authentication and you will not get this error. You can also disable client exclusion.

Post your show run-config so we can verify you configured everything on the wlc correctly.

The DHCP server and client works fine now. but another problem comes up. When i remove the production WLAN profile name and SSID, then i create a new WLAN profile and SSID for the production LAN, but i can't find the SSID from client notebook, it's not the first time. When i remove and recreate another SSID, i can't find the SSID with client. Any idea? Thank you!


This Discussion



Trending Topics - Security & Network