Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Attention: The Community will be in read-only mode on 12/14/2017 from 12:00 am pacific to 11:30 am.

During this time you will only be able to see content. Other interactions such as posting, replying to questions, or marking content as helpful will be disabled for few hours.

We apologize for the inconvenience while we perform important updates to the Community.

New Member

Guest Wireless access through inside interface

We have inherited a Cisco wireless lan controller 4400 and about

25 Cisco Aironet 802.11 a/b/g access points. I wanted to set

this up on our ASA 5510 using the inside interface for guest

access( Using the inside interface was the suggestion of a co-worker)

Vlans are setup for the Wireless controller and the

APs to my Wireless switch. If I setup a subinterface of the inside

interface and then setup the vlan for that subinterface how should

I setup the global PAT for that subinterface? And then how would I setup

the ACL to allow the guest access off the APs. I am a little

fuzzy on this so please excuse the possible holes or misinformation.

I just need a little design guidance.



Guest Wireless access through inside interface


The NAT for that interface would be the same as for any other interface. Just determine whether you want just the inside users to access the internet or if you want the outside users to also connect to this devices.

Now for the ACL it would depend. If you are trying to set the interface as inside then it will have a security level of 100 hundred which means it's the highest security level possible. No need for an ACL if want to access the outside or any other lower security level.

Rate all of the helpful posts!!!



Follow me on

Julio Carvajal
Senior Network Security and Core Specialist
CreatePlease to create content