Stop advertising hosts on Wifi network

Unanswered Question
Sep 23rd, 2010
User Badges:

Any there a way to stop advertising Cisco appliances on a WiFi network. For example when I logon to our in-band Guest Wifi using nmap I can see the Cisco Controller interfaces and the NAC server trusted and untrusted interfaces as well as the Web Server for authentication. I would rather not have these hosts advertised on our Wifi Guest network and only for the client to see DHCP Default Gateway. Is this possible or is this more of a topolgy design issue?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Stephen Rodriguez Mon, 09/27/2010 - 06:54
User Badges:
  • Purple, 4500 points or more

For the WLC at least you could define an ACL that blocks the client subnets and apply it as a CPU ACL.  For WCS and NAC, you would need ACL at L3, but I would definitely test in a lab environment to make sure all necessary ports are open.


This Discussion



Trending Topics - Security & Network