Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Trying to create a Guest SSID with Cisco ASA 5505 and Cisco Aironet 1600

Hello - 


I have been trying so many methods over the past few days as to how to setup a guest network on my ASA. I have attached my config fil for both teh ASA and AP..

Basically, I have 2 networks: (main network for both wired and wireless) and (guest wireless). What is happening is the 192 wireless network is able to get an IP address and browse the internet (DHCP for 192 is being handled by a dhcp server. the guest is being handled by the ASA) but the guest network cannot (it gets the auto IP 169.blah...)

Am I doing this configuration wrong? This ASA has a Sec+ license so I am able to truncate.



Everyone's tags (2)
New Member

Is your AP able to broadcast

Is your AP able to broadcast the GUEST SSID, and unable to get a network.


New Member

I am unsure if its

I am unsure if its broadcasting the SSID. But I do know that a device that tries to connect to the SSID will not get an IP address

New Member

If you are able to detect the

If you are able to detect the SSID, the NAT is probably not configured properly.

Will revert while i take a look.

VIP Purple

Two things look strange to me

Two things look strange to me in your config:

  1. You have a DHCP-server config on both the AP and on the ASA. I would remove it on the AP.
  2. On the AP your VLAN 1 is configured as the native vlan, but on the ASA-trunkport it's not. That at least is inconsistent.

Don't stop after you've improved your network! Improve the world by lending money to the working poor:
New Member

I will correct this tonight

I will correct this tonight and reply back with any differences.

New Member

Hello -  I remove the dhcp

Hello - 


I remove the dhcp pool form the AP and added native vlan to eth0/7

switchport trunk native vlan 1


Nothing changed...

New Member

Does anyone else have any

Does anyone else have any ideas about this?


Could this be a NAT issue? as in I'm not forwarding traffic from guest network to (AP LAN Address) and vice-versa?