Re: WLAN Design w/ LWAPP

stevanp · ‎06-30-2006

I am working on WLAN design that spans single floor of a building with two data closets, an east and a west side.

On each side of the building we are going to plug in LWAPP AP's, 1100 series, into our Cat 4500's In the data center, we are going to use the 4402 WLC to control these APs.

Requirements:

1) One set of users will need to access the internal LAN.

2) Guest users will be granted only Internet access.

3) We cannot trunk the same VLANs to each of the APs, since we are isolating each switch from the rest of the network in case of an outage.

I was thinking that we setup a WLAN with two SSID's. (SSID 1 for internal users and SSID2 for guest users.) We then tunnel the users in SSID 2 out to our firewall via a IPSec tunnel. SSID 1 users will be dumped at the WLC and allowed access to internal resources.

How would you go about accomplishing this?

Report Inappropriate Content · ‎07-06-2006

Yes,you can setup the link wtih two SSID

stevanp · ‎07-18-2006

figured it out...just ask if you want to know

jdodson · ‎07-19-2006

How did you accomplish this? I am setting up a similar customer.

stevanp · ‎07-19-2006

All I did was create VLANs for each specific WLAN and trunk them to the WLC. At the WLC, I created WLAN interfaces that were in the same subnet as the VLANs on the switch. I then created a DHCP scope that leased out to each of the WLANs and went from there. Since we are dual homed with the WLC, I have VLAN interfaces that are HSRPed between one another and the DHCP scop default gateway is the HSRP address. (On a side note, I have a guest WLAN but I cannot seem to get their ACL's to work properly in order to prevent access to the LAN.)

Search for Cisco 440X Series Wireless LAN Controllers on Cisco.com and hit the first link that pulls up...the downloadable file should be dep.pdf

Check that deployment guide out and let me know if you have questions. Feel free to hit me up at stevanp@yahoo.com and we'll take it offline.

Stevan