05-14-2009 08:33 AM - edited 07-03-2021 05:36 PM
I am getting a bit overwhelmed with information regarding the set up of guest users on the Wireless network, and have a couple questions that I was hoping the community would answer.
I'm running a WiSM on software version 4.2, as well as a WCS on the same version.
1. Is it possible to have accounts created by the users themselves after they associate to the wireless network? If so, what needs to be done to set this up?
2. Does a special VLAN need to be created for guests to use?
Solved! Go to Solution.
05-26-2009 07:43 PM
For the first question, if you want more than users putting in an email address for tracking purposes, Fella5 is right on.
To answer the second question, you don't technically need a special VLAN for guest users. In most cases, however, you should have one to better apply security settings in your network to guests. In our office, with 10 people, we are using the same subnet for internal data, voice, and guests. However, we are using 3 different SSIDs with different security policies and QoS policies applied to them. And, the guest SSID has an ACL applied to it to limit traffic to the Internet only. When you're given a /27 subnet to work with, you make do :)
05-19-2009 08:49 AM
Any feedback on this?
I have heard that it's possible to set up self-provisioning so that a guest can have temporary access, but I am unable to find any documentation to support this.
It's leading me to assume that it's not possible, however some confirmation would be greatly appreciated.
05-26-2009 04:02 AM
The only Cisco product that I know is the NAC Guest Server. This will allow guest users to create their own account info. It is not possible to do this with either just a WLC and or WCS.
http://www.cisco.com/en/US/docs/security/nac/guestserver/configuration_guide/20/g_hotspots.html
05-26-2009 07:43 PM
For the first question, if you want more than users putting in an email address for tracking purposes, Fella5 is right on.
To answer the second question, you don't technically need a special VLAN for guest users. In most cases, however, you should have one to better apply security settings in your network to guests. In our office, with 10 people, we are using the same subnet for internal data, voice, and guests. However, we are using 3 different SSIDs with different security policies and QoS policies applied to them. And, the guest SSID has an ACL applied to it to limit traffic to the Internet only. When you're given a /27 subnet to work with, you make do :)
05-27-2009 05:50 AM
Thanks for the answers guys.
The fact I need an extra appliance sure makes sense now as to why I was having issues sorting through the WCS documentation to find information on this.
Thanks as well for the tip about having a separate SSID even though it's on the same VLAN as the others. It makes a lot of sense.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: