1242 Access Point as DHCP Server

Unanswered Question
Aug 23rd, 2010

This may not be the appropriate forum but it is a place to start.

I am trying to setup a simple guest wireless AP.  I want the AP to handle DHCP for the clients (say pool 172.31.10.x).  The DHCP server should only respond to requests from its wireless clients.  The AP is on our corporate LAN (192.168.200.65).  I want to restrict, using ACLs, what the wireless clients can access on the 192.168.200.x network.  I basically want them to be able to surf the web and use any VPN software that they might need.

Any help and suggestions will be greatly appreciated.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
dancampb Mon, 08/23/2010 - 11:08

First, keep in mind that the DHCP server on an AP will only work for the subnet assigned to the BVI1 interface.  It will also respond to any DHCP Discover it hears, wired or wireless.  The only way to stop it from responding to wired-side requests would be an ACL.

roberthager Mon, 08/23/2010 - 11:35

Maybe not the most elegant solution but you can try the following:

Create a new Interface on a second port (call it Guest to keep it easy)

Assign an IP address to the Guest Interface for the 172 net.

Create a new WLAN and have it use the Guest Interface

Use a web auth or something else if you wish on the Guest WLAN

You can then create a new DHCP scope on the Controller

Assign your FW as the default GW for the net (don't forget to add an interface and IP on the 172 net on the FW).

Use FW rules to limit access to your 192 net as needed.

Actions

This Discussion

Related Content

 

 

Trending Topics - Security & Network