Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

Guest WLAN question

On the Cisco 5508 WLC, is the guest WLAN function limited only to http/https traffic?

I want to enable users to

1. Connect to the guest WLAN without client-side configuration (these would be outside users with laptops)

2. Authenticate with the local controller database

3. Use other protocols in addition to http/https

For instance: if they need to FTP a file up or down from an extranet

Is this possible to do?

1 ACCEPTED SOLUTION

Accepted Solutions
Hall of Fame Super Silver

Re: Guest WLAN question

Yes that is correct. Webauth or pass through uses either http or https. That is why you see those protocols. Doesn't mean the WLC only allows that. You just block what you want on the ASA.

Sent from Cisco Technical Support iPhone App

-Scott
*** Please rate helpful posts ***
6 REPLIES
Hall of Fame Super Silver

Re: Guest WLAN question

1. Connect to the guest WLAN without client-side configuration (these would be outside users with laptops)

> you would setup an open authentication with a captive portal page in which the user can just hit accept to access the guest wireless.

2. Authenticate with the local controller database

> you can setup webauth for guest users to login using a username and password that is locally stored on the WLC.

3. Use other protocols in addition to http/https

For instance: if they need to FTP a file up or down from an extranet

Once they are authenticated, they can do whatever your network allows.

Sent from Cisco Technical Support iPhone App

-Scott
*** Please rate helpful posts ***
Hall of Fame Super Silver

Re: Guest WLAN question

Here are some links to review.

http://www.cisco.com/en/US/tech/tk722/tk809/technologies_configuration_example09186a008067489f.shtml

https://supportforums.cisco.com/docs/DOC-13954

Sent from Cisco Technical Support iPhone App

-Scott
*** Please rate helpful posts ***
New Member

Guest WLAN question

So there is not some kind of inherent limitation in regards to traffic that is defined on a guest WLAN?

In this scenario, it is very simple. I have a controller connected directly to an ASA firewall. So aside from assigning ACLs on the controller or ASA, authenticated clients will be able to do whatever they want on the Internet (in terms of ports, applications, etc.)?

Hall of Fame Super Silver

Re: Guest WLAN question

Yes that is correct. Webauth or pass through uses either http or https. That is why you see those protocols. Doesn't mean the WLC only allows that. You just block what you want on the ASA.

Sent from Cisco Technical Support iPhone App

-Scott
*** Please rate helpful posts ***
New Member

Guest WLAN question

Great, thanks Scott

Hall of Fame Super Silver

Re: Guest WLAN question

No problem. Just follow the doc and it should be pretty simple to setup.

Sent from Cisco Technical Support iPhone App

-Scott
*** Please rate helpful posts ***
127
Views
7
Helpful
6
Replies
CreatePlease to create content