Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

GUEST LAN BUGS in 4.X and 5.X

There are some issues with the guest lan feature in all releases.

1) No CLI command to set Peer-Blocking

2) Enabling DHCP REQUIRED in the GUI prevents any settings to be saved. It works in CLI.

Can anyone tell me what a GUEST-LAN client's default gateway should be? Is it the IP of the egress interface or the IP of the upstream router ?

Thanks

2 REPLIES
Silver

Re: GUEST LAN BUGS in 4.X and 5.X

I think you are talking about Guest VLAN. When you configure a guest VLAN, clients that are not 802.1x-capable are put into the guest VLAN when the server does not receive a response to its EAPOL request/identity frame.

http://www.cisco.com/en/US/docs/switches/lan/catalyst3750/software/release/12.2_20_se/configuration/guide/sw8021x.html#wp1026004

New Member

Re: GUEST LAN BUGS in 4.X and 5.X

No, I am talking about wired Guest-Lan capability in releases starting with 4.1.

Another bug I just found in the new 4.130 release is that when the controller is rebooted it enables AUTO-ANCHOR on the GUEST-LAN and there is no way to disable it. Here is the SHOW output. Notice that AUTO-ANCHOR is enabled and no mobility anchor controllers are configured.....

(Cisco Controller) >show guest-lan 1

Guest LAN Identifier............................. 1

Profile Name..................................... Wired-Guest

Network Name (SSID).............................. Wired-Guest

Status........................................... Enabled

AAA Policy Override.............................. Disabled

Number of Active Clients......................... 0

Exclusionlist Timeout............................ 300 seconds

Session Timeout.................................. 36000 seconds

Interface........................................ wired-guest-out

Ingress Interface................................ wired-guest-in

WLAN ACL......................................... unconfigured

DHCP Server...................................... Default

DHCP Address Assignment Required................. Enabled

Quality of Service............................... Bronze (background)

Radius Servers

Authentication................................ 172.20.192.150 1812

Accounting.................................... 172.20.192.150 1813

Security

Web Based Authentication...................... Enabled

--More-- or (q)uit

ACL............................................. Unconfigured

Web-Passthrough............................... Disabled

Conditional Web Redirect...................... Disabled

Auto Anchor................................... Enabled

Mobility Anchor List

GLAN ID IP Address Status

------- --------------- ------

141
Views
0
Helpful
2
Replies