×

Warning message

  • Cisco Support Forums is in Read Only mode while the site is being migrated.
  • Cisco Support Forums is in Read Only mode while the site is being migrated.

WLAN Design w/ LWAPP

Unanswered Question
Jun 30th, 2006
User Badges:

I am working on WLAN design that spans single floor of a building with two data closets, an east and a west side.


On each side of the building we are going to plug in LWAPP AP's, 1100 series, into our Cat 4500's In the data center, we are going to use the 4402 WLC to control these APs.


Requirements:

1) One set of users will need to access the internal LAN.

2) Guest users will be granted only Internet access.

3) We cannot trunk the same VLANs to each of the APs, since we are isolating each switch from the rest of the network in case of an outage.


I was thinking that we setup a WLAN with two SSID's. (SSID 1 for internal users and SSID2 for guest users.) We then tunnel the users in SSID 2 out to our firewall via a IPSec tunnel. SSID 1 users will be dumped at the WLC and allowed access to internal resources.


How would you go about accomplishing this?



Attachment: 
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Anonymous (not verified) Thu, 07/06/2006 - 06:25
User Badges:

Yes,you can setup the link wtih two SSID

stevanp Tue, 07/18/2006 - 21:29
User Badges:

figured it out...just ask if you want to know

jdodson Wed, 07/19/2006 - 03:48
User Badges:

How did you accomplish this? I am setting up a similar customer.

stevanp Wed, 07/19/2006 - 07:39
User Badges:

All I did was create VLANs for each specific WLAN and trunk them to the WLC. At the WLC, I created WLAN interfaces that were in the same subnet as the VLANs on the switch. I then created a DHCP scope that leased out to each of the WLANs and went from there. Since we are dual homed with the WLC, I have VLAN interfaces that are HSRPed between one another and the DHCP scop default gateway is the HSRP address. (On a side note, I have a guest WLAN but I cannot seem to get their ACL's to work properly in order to prevent access to the LAN.)


Search for Cisco 440X Series Wireless LAN Controllers on Cisco.com and hit the first link that pulls up...the downloadable file should be dep.pdf


Check that deployment guide out and let me know if you have questions. Feel free to hit me up at [email protected] and we'll take it offline.


Stevan

Actions

This Discussion