11-14-2013 05:15 PM - edited 03-07-2019 04:37 PM
Hi all,
I know this is a silly question but kinldy guide me as i dont have access to a proper wireless router/AP right now
I have understand that SSID essentially defines the WLAN client is connecting to. 2 SSID means essentially 2 different WLANs. Does it mean that every SSID should have a seperate subnet ?
Lets say i have one AP that is configured with 3 SSIDs. Does it mean that we have to define 3 different subnets on this AP ?
Note: I am asking this query in general and not specific to Cisco just to understand wireless basics
Solved! Go to Solution.
11-14-2013 05:42 PM
Technically, yes, you should have a separate subnet per vlan/ssid. With Cisco equipment, you can have multiple SSIDs if the SSIDs are on separate vlans using different encryption. Something has to route your vlan be it a L3 switch or router, but because of that, you would need separate subnets.
It also makes it easier to control where users go. For example, if you have a guest wlan and a corporate wlan, it would be hard to say the guest vlan can only go to certain subnets if it's sharing a subnet with the corporate wlan.
HTH,
John
*** Please rate all useful posts ***
11-14-2013 07:03 PM
You can have multiple subnets/vlan with the same SSID.
For more info, have a look at this post:
https://supportforums.cisco.com/thread/2039215
HTH
11-15-2013 12:31 AM
Now, if i create a second SSID, do i have to create a second subnet ?
You can create multiple SSID but you can all tie it down to one VLAN.
Does this make sense to you?
11-14-2013 05:42 PM
Technically, yes, you should have a separate subnet per vlan/ssid. With Cisco equipment, you can have multiple SSIDs if the SSIDs are on separate vlans using different encryption. Something has to route your vlan be it a L3 switch or router, but because of that, you would need separate subnets.
It also makes it easier to control where users go. For example, if you have a guest wlan and a corporate wlan, it would be hard to say the guest vlan can only go to certain subnets if it's sharing a subnet with the corporate wlan.
HTH,
John
*** Please rate all useful posts ***
11-14-2013 05:46 PM
Sir, does it mean that SSID directly corelates with IP subnet. Pls guide me as i dont have any wireless router in my access.
Lets say i have a wireless router in my office with SSID "office" and dhcp subnet of 192.168.1.0/24. Now i create a second SSID (with different security settings), now will it ask me for second dhcp subnet also ? or this SSID will also work on 192.168.1.0/24 ?
11-14-2013 07:03 PM
You can have multiple subnets/vlan with the same SSID.
For more info, have a look at this post:
https://supportforums.cisco.com/thread/2039215
HTH
11-14-2013 07:12 PM
2 SSID means essentially 2 different WLANs. Does it mean that every SSID should have a seperate subnet ?
No. You can "tie" your different SSID to one VLAN. It's not recommended but it certainly do-able. I know because I've done this before with my 857W.
11-14-2013 10:55 PM
Sir just 1 thing more,
I had a wireless router a while back, i recall, i configured IP subnet separately and SSID separately. IP subnet also works for the lan ports that are present in that router. (i am talking about SMC router, not sure about the model). Now, if i create a second SSID, do i have to create a second subnet ? what i mean to ask is, configuring multiple SSIDs do we need to configure ip subnets also ?
11-15-2013 12:31 AM
Now, if i create a second SSID, do i have to create a second subnet ?
You can create multiple SSID but you can all tie it down to one VLAN.
Does this make sense to you?
11-15-2013 04:05 AM
Leo,
Does this only work with WLCs and 802.1x authentication though? I've tried doing this with autonomous APs in the past, and IOS simply screams at you that there's already an ssid assigned to that vlan.
HTH,
John
*** Please rate all useful posts ***
11-15-2013 03:36 PM
Does this only work with WLCs and 802.1x authentication though?
Good question. The answer is yes. We have >300 VLANs in a controller and we all shove it down a single dynamic VLAN interface. And yes, we run full 802.1x authentication.
I've tried doing this with autonomous APs in the past, and IOS simply screams at you that there's already an ssid assigned to that vlan.
My old 857W can only have one VLAN but I need to create a second SSID for guests. I copied the exact configuration and changed the SSID. It works.
11-16-2013 06:50 AM
Thanks Leo!
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: