Has anyone found a good link on configuring guest tunneling using the new Cisco lightweight wireless architecture? I believe the basic concept is to transparently tunnel guest traffic directly from the private wireless network to a wireless LAN controller in a DMZ without having to implement the standard set of access controls in the private LAN network layer to restrict access. The documentation I've seen on CCO mentions the concept in passing but I've yet to find any real configuration tips.
This document assumes that PPTP connections to the router with local Microsoft-Challenge Handshake Authentication Protocol (MS-CHAP) V1 authentication (and optionally MPPE, which requires MS-CHAP V1) have been created with the use of these documents and are already operational. RADIUS is required for MPPE encryption support. TACACS+ works for authentication, but not MPPE keying. MS-CHAP V2 support was added to Cisco IOS Software Release 12.2(2)XB5 and was integrated into Cisco IOS Software Release 12.2(13)T (refer to MSCHAP Version 2), however, MPPE is not supported with MS-CHAP V2 as of yet.
Create the "guest" WLAN on both controllers. Get the routing and authentication working for the "guest" WLAN on the DMZ controller. Create a mobility group and join both the DMZ and Trusted controllers to it. Configure your guest WLAN on the trusted controller as a mobility anchor to the DMZ controller. That should do it more or less.
Transferring Crash file from standby:
Login to the Active WLC in HA.
(Cisco Controller) >transfer upload datatype crash
(Cisco Controller) >transfer upload filename <Desired filename>
(Cisco Controller) >transfer up...
This is the start of a display filter cross reference between Wireshark and OmniPeek.
The 1st installment is a table of advanced filters. More filters will be added as time allows.
It is a living doc, so check back for changes every so often
Please feel ...
I have created a Powershell script to automatically add a Wireless Guest User on Cisco WLCs. (tested on 2500 Series)
The script should be completely self explanatory.
Powershell SNMP Module (Install-Module -Name SNMP)
SNMP Write Access to...