I have the following problem with a Cisco 2504 WLAN Controller.
A customer of mine bought a certificate (GlobalSign) for the guest WLAN. This certificate was successfully implemented by me. But now I'm having problems with the DNS lookup (126.96.36.199 / wlan.mycustomer.de), because they don't have any DNS server in their WLAN network. This network is completely physically separated from their other networks. The WLAN clients are going straight to the router and the internet respectively.
So I am not able to do a port forwarding of DNS via the firewall into their main network. The router is an AVM Fritzbox and unfortunately it is not possible to make any DNS host entries.
So what can I do? Any ideas?
They will not install any DNS server in this WLAN network!
Somebody told me that it is possible to make an A-record for the 188.8.131.52 at the provider's side where the domain is located. But to be honest, I don't know how this should work.
If the guest traffic is going straight out to the Internet, then you need to be able to resolve the FQDN of the certificate to the VIP of the WLC. If they don't have an external DNS server, you actually have to have the company who manages their external domain make an entry for the FQDN of the certificate to be used. The VIP now has to be tied to one of their public addresses. This works; I have had to do this many times because of either no company-owned external DNS server, they don't want to open a port on the FW to allow DNS internally, and/or the service provider will not add a bogus IP address in an A-record.
Help out others by using the rating system and marking answered questions as "Answered"
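
A check for the setup described in the answer above, as an added example that is not part of the original thread: it confirms that the certificate's name covers the portal FQDN and that the FQDN's A record returns the WLC virtual interface address. The address 192.0.2.1 (a documentation-range placeholder for the VIP) and all function names are assumptions for illustration.

```python
import ipaddress
import socket


def resolve_a(fqdn):
    """Return the set of IPv4 addresses the local resolver gives for fqdn."""
    infos = socket.getaddrinfo(fqdn, None, socket.AF_INET, socket.SOCK_STREAM)
    return {info[4][0] for info in infos}


def name_matches(cert_name, fqdn):
    """Match a certificate DNS name against fqdn; '*' covers one left-most label only."""
    cert_labels = cert_name.lower().rstrip(".").split(".")
    host_labels = fqdn.lower().rstrip(".").split(".")
    if len(cert_labels) != len(host_labels):
        return False
    if cert_labels[0] == "*":
        return cert_labels[1:] == host_labels[1:]
    return cert_labels == host_labels


def check_portal(fqdn, virtual_ip, cert_names, resolver=resolve_a):
    """Return a list of problems; an empty list means name, A record and VIP agree."""
    problems = []
    vip = ipaddress.ip_address(virtual_ip)
    if not any(name_matches(n, fqdn) for n in cert_names):
        problems.append(f"certificate names {sorted(cert_names)} do not cover {fqdn}")
    try:
        answers = {ipaddress.ip_address(a) for a in resolver(fqdn)}
    except socket.gaierror as exc:
        problems.append(f"{fqdn} does not resolve: {exc}")
        return problems
    if vip not in answers:
        problems.append(f"{fqdn} resolves to {sorted(map(str, answers))}, not {vip}")
    elif len(answers) > 1:
        problems.append(f"{fqdn} has extra A records besides {vip}")
    return problems


if __name__ == "__main__":
    # Constructed values: 192.0.2.1 stands in for the WLC virtual interface address.
    result = check_portal("wlan.mycustomer.de", "192.0.2.1", ["wlan.mycustomer.de"])
    for line in result or ["OK"]:
        print(line)
```

Run it from a client on the guest WLAN so the lookup goes through the same resolver path the guests use.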