- Gold, 750 points or more
I have a 2106 controller with a guest access SSID on a isolated vlan 192. The guest SSID is setup for webauth and redirects all traffic to the isolated vlan 192. There is a RADIUS server handling AD authentications on the native management vlan. The dhcp scope on the guest access (192) vlan resides on a watchguard firewall. When I connect to the guest SSID with a WLC resident account and password I am allowed internet access fine. When I use a AD account and password from the rest of the network I am also allowed on fine. Anyone seen this before? I should not be able to even to see the AD server from the isolated VLAN much less have the controller see it as a valid login. I get an IP address from the isolated vlan and I can not ping my protected (all other vlans) network. The problem is I can not monitor content easily or filter where my AD users are going if they connect to the guest SSID. Code is older version 188.8.131.52 and I will upgrade unit to 4.1.185 this week but I suspect the problem will still exist.