In looking over some design guides, I noticed for a multi-WLC environment, one can use an anchor controller in the dmz to segregate guest traffic, so the WLC(s) on the client's internal network terminate tunnels and then sends EoIP traffic to the anchor in the dmz for the guest traffic.
For a single 5508, it appears there is no such option unless the multiple WLC ports could be used: some to terminate tunnels and then others to egress guest traffic out a different port connected to the dmz.
I suspect that is not possible. Wondering what is possible when constrained by a single 5508 for guest traffic segregation. Thanks.
#whether it is one internal to one guest or multiple internal to one guest the physical connection is always same.
#only management interface of both internal & anchor needs to be talking physically irrespective of guest wlans getting tunnelled between that internal & anchor WLC, ofcoarse need a physical port configured for guest vlan at dmz.
#For WLC(internal) without dmz-wlc you need one physical port mapped to that guest vlan, either you can use ACL on WLC or at firewall.
Transferring Crash file from standby:
Login to the Active WLC in HA.
(Cisco Controller) >transfer upload datatype crash
(Cisco Controller) >transfer upload filename <Desired filename>
(Cisco Controller) >transfer up...
This is the start of a display filter cross reference between Wireshark and OmniPeek.
The 1st installment is a table of advanced filters. More filters will be added as time allows.
It is a living doc, so check back for changes every so often
Please feel ...
I have created a Powershell script to automatically add a Wireless Guest User on Cisco WLCs. (tested on 2500 Series)
The script should be completely self explanatory.
Powershell SNMP Module (Install-Module -Name SNMP)
SNMP Write Access to...