05-19-2008 01:32 PM - edited 07-03-2021 03:53 PM
There are some issues with the guest lan feature in all releases.
1) No CLI command to set Peer-Blocking
2) Enabling DHCP REQUIRED in the GUI prevents any settings to be saved. It works in CLI.
Can anyone tell me what a GUEST-LAN client's default gateway should be? Is it the IP of the egress interface or the IP of the upstream router ?
Thanks
05-23-2008 12:34 PM
I think you are talking about Guest VLAN. When you configure a guest VLAN, clients that are not 802.1x-capable are put into the guest VLAN when the server does not receive a response to its EAPOL request/identity frame.
05-29-2008 12:24 PM
No, I am talking about wired Guest-Lan capability in releases starting with 4.1.
Another bug I just found in the new 4.130 release is that when the controller is rebooted it enables AUTO-ANCHOR on the GUEST-LAN and there is no way to disable it. Here is the SHOW output. Notice that AUTO-ANCHOR is enabled and no mobility anchor controllers are configured.....
(Cisco Controller) >show guest-lan 1
Guest LAN Identifier............................. 1
Profile Name..................................... Wired-Guest
Network Name (SSID).............................. Wired-Guest
Status........................................... Enabled
AAA Policy Override.............................. Disabled
Number of Active Clients......................... 0
Exclusionlist Timeout............................ 300 seconds
Session Timeout.................................. 36000 seconds
Interface........................................ wired-guest-out
Ingress Interface................................ wired-guest-in
WLAN ACL......................................... unconfigured
DHCP Server...................................... Default
DHCP Address Assignment Required................. Enabled
Quality of Service............................... Bronze (background)
Radius Servers
Authentication................................ 172.20.192.150 1812
Accounting.................................... 172.20.192.150 1813
Security
Web Based Authentication...................... Enabled
--More-- or (q)uit
ACL............................................. Unconfigured
Web-Passthrough............................... Disabled
Conditional Web Redirect...................... Disabled
Auto Anchor................................... Enabled
Mobility Anchor List
GLAN ID IP Address Status
------- --------------- ------
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide