Buy or Renew
Buy or Renew
Cisco Virtual Engineer generative AI bot now active in Wireless Discussion Forum. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
422
Views
0
Helpful
1
Replies

New Guest wireless questions

bgfl-tech
Level 1
Level 1

‎08-31-2010 06:21 AM - edited ‎07-03-2021 07:08 PM

Hi all.

We curently have a corporate WiSM estate that anchors a guest wireless network to a 4402 controller sat within a DMZ.  This then uses a custom web bundle for local user authentication, the users which are added by any receptionists at either of two sites.

What is being proposed now, which I could be right in thinking is impossible due to the porposal interfering with our current guest setup, is that an additional internal custom page be added for a different SSID (am I right in thinking that the controller can only use one internal web authentication page?) and have users authenticating using a RADIUS authentication instead of local users.  This, without interfering with the existing local user authentication policy on the original guest wireless.

Then there is the suggestion of having users get IP addresses on different subnets on a per site basis for audit purposes.  I understand AP Group VLANs can do this (we currently have this on our 3 centralised WiSMs), but as no access points associate to the anchor controller itself, any AP group VLANs would sit there redundantly, right?  It was suggested to have differernt VLANs per site, but our current guest setup is a blanket subnet for the entirity of the WLAN and is the way I had envisioned this new SSID to be configured.

AP Group VLANs where they would be negated, different Web Authentication policy for different SSIDs and then the authentication itself being handled by a new RADIUS server instead of the local user policy currently in place for an existing SSID... HELP!!!

Labels:
0 Helpful
1 Reply 1

Stephen Rodriguez
Cisco Employee
Cisco Employee

‎08-31-2010 12:31 PM

Later code, 5.2 and beyond, allow for 21 different custom web pages.  16 for Wireless guests and 5 for Wired guest access.  So that part is easy enough, you just create the pages you want put them all in the same tarball, and then per WLAN you are able to go in and override the global config and select the page you want those users to see.

  For your other thought, you would need to use different WLAN per site if you need to have different VLANs.

HTH,
Steve

------------------------------------------------------------------------------------------------
Please remember to rate useful posts, and mark questions as answered
0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card