Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
336
Views
0
Helpful
2
Replies

What is the best way to add a guest networ?

saidfrh18
Level 1
Level 1

‎10-14-2009 02:29 PM - edited ‎03-09-2019 10:38 PM

What is the best way to configure a guest network? The guest network would have access to the Internet only. The guest network will would not have access to servers. We have a an ASA firewall, Cisco router and L3 switch.

Thanks.

Labels:
0 Helpful
2 Replies 2

Panos Kampanakis
Cisco Employee
Cisco Employee

‎10-14-2009 03:37 PM

You have two options, either use ZBF on the router or use the ASA to firewall the guest network.

In either case the guest network will be a dmz/zone itself. You will use ACLs to define where hosts can go and cannot go. And you will also set up their translations for when they want to browse the internet.

For an IOS set up you would have zone guest and zone outside for example and you would define the policies for the zone pair guest-to-out. Also you would define translations for the guest network when it traverses and goes to the outside.

For an ASA scenario you will have a interface or subinterface guest lets say, and the outside interface. Again you would define policies for traffic traversing these two interfaces and the corresponding translations.

PK

0 Helpful

saidfrh18
Level 1
Level 1
In response to Panos Kampanakis

‎10-14-2009 03:44 PM

PK,

Would the ASA be able to provide DHCP IP?

Said

0 Helpful
Customers Also Viewed These Support Documents