Buy or Renew
Buy or Renew
Cisco Virtual Engineer generative AI bot now active in Wireless Discussion Forum. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
332
Views
0
Helpful
1
Replies

guest access only internet

sachin.bramhankar
Level 1
Level 1

‎04-04-2009 07:21 AM - edited ‎07-03-2021 05:24 PM

I have Cisco 1230AP's providing access to my LAN for laptop users. The encryption is via WPA. I now need to setup my guests/visitors - keeping them away from my LAN and internal network and they can only (guest) use internet but all employs should use intranet & internet . How can I do this? Do I just setup a 2nd SSID or do I need to implement some type of VLAN? My switch is 3750 managed AND my internet is terminet on firwall.Thanks for your help...

Labels:
0 Helpful
1 Reply 1

Scott Fella
Hall of Fame
Hall of Fame

‎04-04-2009 08:56 AM

If you are running autonomous AP's then you can create another ssid and another vlan. Configure the switchport the ap is connected to as a dot1q trunk with the native vlan being the subnet the ap management ip is on. Then force that guest vlan to your FW. Don't configure any L3 interface on your internal, but on your FW for the guest. At least you can isolate the guest vlan until it hits your FW where you can create your policies.

http://www.cisco.com/en/US/docs/wireless/access_point/12.3_7_JA/configuration/guide/s37ssid.html

-Scott
*** Please rate helpful posts ***
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card