Buy or Renew
Buy or Renew
Cisco Virtual Engineer generative AI bot now active in Wireless Discussion Forum. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
3239
Views
5
Helpful
4
Replies

Steps needed for Guest access / self-provisioning accounts

Go to solution
jpeterson6
Level 2
Level 2

‎05-14-2009 08:33 AM - edited ‎07-03-2021 05:36 PM

I am getting a bit overwhelmed with information regarding the set up of guest users on the Wireless network, and have a couple questions that I was hoping the community would answer.

I'm running a WiSM on software version 4.2, as well as a WCS on the same version.

1. Is it possible to have accounts created by the users themselves after they associate to the wireless network? If so, what needs to be done to set this up?

2. Does a special VLAN need to be created for guests to use?

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
JASON BOYERS
Level 5
Level 5

‎05-26-2009 07:43 PM

For the first question, if you want more than users putting in an email address for tracking purposes, Fella5 is right on.

To answer the second question, you don't technically need a special VLAN for guest users. In most cases, however, you should have one to better apply security settings in your network to guests. In our office, with 10 people, we are using the same subnet for internal data, voice, and guests. However, we are using 3 different SSIDs with different security policies and QoS policies applied to them. And, the guest SSID has an ACL applied to it to limit traffic to the Internet only. When you're given a /27 subnet to work with, you make do :)

View solution in original post

0 Helpful
4 Replies 4

Go to solution
jpeterson6
Level 2
Level 2

‎05-19-2009 08:49 AM

Any feedback on this?

I have heard that it's possible to set up self-provisioning so that a guest can have temporary access, but I am unable to find any documentation to support this.

It's leading me to assume that it's not possible, however some confirmation would be greatly appreciated.

0 Helpful

Go to solution
Scott Fella
Hall of Fame
Hall of Fame
In response to jpeterson6

‎05-26-2009 04:02 AM

The only Cisco product that I know is the NAC Guest Server. This will allow guest users to create their own account info. It is not possible to do this with either just a WLC and or WCS.

http://www.cisco.com/en/US/docs/security/nac/guestserver/configuration_guide/20/g_hotspots.html

-Scott
*** Please rate helpful posts ***

Go to solution
JASON BOYERS
Level 5
Level 5

‎05-26-2009 07:43 PM

For the first question, if you want more than users putting in an email address for tracking purposes, Fella5 is right on.

To answer the second question, you don't technically need a special VLAN for guest users. In most cases, however, you should have one to better apply security settings in your network to guests. In our office, with 10 people, we are using the same subnet for internal data, voice, and guests. However, we are using 3 different SSIDs with different security policies and QoS policies applied to them. And, the guest SSID has an ACL applied to it to limit traffic to the Internet only. When you're given a /27 subnet to work with, you make do :)

0 Helpful

Go to solution
jpeterson6
Level 2
Level 2
In response to JASON BOYERS

‎05-27-2009 05:50 AM

Thanks for the answers guys.

The fact I need an extra appliance sure makes sense now as to why I was having issues sorting through the WCS documentation to find information on this.

Thanks as well for the tip about having a separate SSID even though it's on the same VLAN as the others. It makes a lot of sense.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card