Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Web authentication across multiple WLCs

G'day All,

I've got a simple wireless deployment where there are 2 active WLCs to load balance AP count between the 2. I need to create a simple guest network, so the web auth and lobby ambassador setup is the go, but I am not sure how to only have the one web-auth and lobby ambassador setup working across the 2 WLCs. Obviously a single WLC is straight forward, but it is possible to have a single instance of the web-auth working across the 2 active controllers. I don't want to have to create guest accounts on both WLCs.

Thanks and all help is always greatly appreciated guys.

Ta.

JS.

  • Getting Started with Wireless
6 REPLIES
New Member

Web authentication across multiple WLCs

Sure this can be done,

On this setup, you are sending all the information from the clients connected to the WLANs that are being anchored to the anchor controller and then you put this traffic on the network so, the authentication process will take place on the anchor controller; this means that the data base that you are going to use for authentication (the local user list in this case) has to be located on the anchor side. So, since Loby Ambassador is just going to add entries to the controlle's database you just need to have the Loby Ambassador setup on the anchor side.

If you have questions just let me know

Best regards,

Marco Gonzalez

Cisco TAC TL

New Member

Web authentication across multiple WLCs

Thanks Marco, and thanks for the prompt response.

So it is just a simple guest anchor setup. I have done this previously with the anchor in a dmz, but the anchor did not have any APs registered to it.

So I understand the mobility anchoring of the WLAN on 'foreign' wlc to the anchor,  and the local anchoring of the WLAN on the anchor WLC, but if the anchor also has APs registered to it, is there anything that needs to be configured??

Thanks

JS

Hall of Fame Super Silver

Re: Web authentication across multiple WLCs

It's not a normal setup, but you can always anchor an ssid to one wlc if you want. No other special configurations at all. Treat the guests said like how you would a dmz wlc even though it will also have APs.

Sent from Cisco Technical Support iPhone App

Thanks, Scott *****Help out other by using the rating system and marking answered questions as "Answered"*****
New Member

Web authentication across multiple WLCs

Thanks for the reply Scott.

I should have this deployed in the next week or so, so I'll try to report back with my experience.

Just for my knowledge, when you say it isn't a normal set up for a guest anchoring, are you able to give me a run down on what a normal setup should look like.

Thanks

JS

Hall of Fame Super Silver

Re: Web authentication across multiple WLCs

Well, typically if you want a single location for guest, you would have a dedicated wlc in the dmz and tunnel traffic from your internal wcs to the guest dmz wlc. Depending on how many guest you will have, you can use a 2504 running v7.4 or later or a 5508-12.

Here is a link

http://www.cisco.com/en/US/docs/solutions/Enterprise/Mobility/emob73dg/ch10GuAc.html

Sent from Cisco Technical Support iPhone App

Thanks, Scott *****Help out other by using the rating system and marking answered questions as "Answered"*****

Web authentication across multiple WLCs

Hello,

As per your query i can suggest  you the following solution-

Yes, this is possible to have a single instance of the web-auth working across the 2 active controllers

Hope this will help you.

434
Views
5
Helpful
6
Replies