cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
596
Views
0
Helpful
7
Replies

Trying to create a Guest SSID with Cisco ASA 5505 and Cisco Aironet 1600

sam.kaddoura
Level 1
Level 1

Hello - 

 

I have been trying so many methods over the past few days as to how to setup a guest network on my ASA. I have attached my config fil for both teh ASA and AP..

Basically, I have 2 networks: 192.168.0.0/24 (main network for both wired and wireless) and 10.10.10.0/24 (guest wireless). What is happening is the 192 wireless network is able to get an IP address and browse the internet (DHCP for 192 is being handled by a dhcp server. the guest is being handled by the ASA) but the guest network cannot (it gets the auto IP 169.blah...)

Am I doing this configuration wrong? This ASA has a Sec+ license so I am able to truncate.

 

 

7 Replies 7

Koh Chin Han
Level 1
Level 1

Is your AP able to broadcast the GUEST SSID, and unable to get a network.

 

I am unsure if its broadcasting the SSID. But I do know that a device that tries to connect to the SSID will not get an IP address

If you are able to detect the SSID, the NAT is probably not configured properly.

Will revert while i take a look.

Two things look strange to me in your config:

  1. You have a DHCP-server config on both the AP and on the ASA. I would remove it on the AP.
  2. On the AP your VLAN 1 is configured as the native vlan, but on the ASA-trunkport it's not. That at least is inconsistent.

I will correct this tonight and reply back with any differences.

Hello - 

 

I remove the dhcp pool form the AP and added native vlan to eth0/7

switchport trunk native vlan 1

 

Nothing changed...

sam.kaddoura
Level 1
Level 1

Does anyone else have any ideas about this?

 

Could this be a NAT issue? as in I'm not forwarding traffic from guest network to 192.168.0.157 (AP LAN Address) and vice-versa?

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: