Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
887
Views
0
Helpful
1
Replies

3750 Switch - Routing Guest WLAN to it's own Internet Access

scott_brown@veyance.com
Level 1
Level 1

‎05-14-2010 07:47 AM - edited ‎03-06-2019 11:06 AM

Looking for some suggestions.  We have a stack of 3750 switches, a 4400 series wireless controller, and a seperate physical internet circuit (dsl) at one of our locations.

Our employee wireless network works great and internet access is provided through our MPLS cloud.

We are looking to deploy a guest wireless network.  The setup of this is fine.  My question is how would I route the traffic from the guest VLAN directly to the internet circuit at this site, through the 3750 switch.  Is this possible or would we have to purchase a firewall?

Labels:
0 Helpful
1 Reply 1

andrew.prince
Level 10
Level 10

‎05-14-2010 08:01 AM

Scott,

You could purchase a firewall - but generally guest WLAN's are unsecure and no-one really cares.  The only thing you want to do is protect your internal network from the Guest WLAN.

What I would do is just write an ACL in the controller - the ACL would limit what Guest WLAN traffic could do:-

Allow ICMP echo & echo-reply only

Allow DNS

Deny any other 1918 traffic to/from the Guest WLAN

Allow everything else.

Create a specific VLAN just for the Guest WLAN, trunk this to the ADSL router, then it's all good.

HTH>

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card