Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Possible with WLC 4402

Wanted to know if the 4402 would fit our envirment till we move to a different means of authentication at our school. I already have the 4402 for the new method but we are not ready to deploy that as yet.

Currenly the wireless network we use has a VPN concentrator at the head of the network. We use standalone APs that broadcast an open SSID. Users attach the the SSID and get a private IP. They authenticate with a VPN client. Once authenticated they are given a public IP address.

I would like to be able to place the 4402 and its 1131 APs on this network and have it with with the VPN method we use know. What I don't know. Will I be able to config the 4402 to handle the private then public exchange of IP addresses that the client phase through as they authenticate? I have no control over the VPN and the DHCP servers. Everything is untagged on this network and there are no VLANs. Would I need to create interfaces for the private and public subnets that the client use? 4402 is on another subnet along with the AP. Since the network is untagged I might need a separate port for the private and public subnets. The 4402 would then not have enough ports for this to work or am I'm not thinking correctly.

Craig

2 REPLIES
Silver

Re: Possible with WLC 4402

As far as VPN is concerned you will have to configure the specific WLAN in WLC for VPN passthorugh. No seperate interface for public and private subnet.

New Member

Re: Possible with WLC 4402

I found the VPN passthrough setting for the WLAN an enabled it. It appears clients are connecting to the open WLAN. Looks like they are not getting a private IP.

We use external DHCP server and it isn't in same subnet as the pool it distributes. Users are to connect to the open WLAN and obtain a private IP from the DHCP server. They then authenticate via the VPN client and obtain a public address. Not sure how to define the interface for the WLAN. Should be be based on the private ip subnet or public. Since the DHCP server is not on the clients private subnet do I need a routing statement to allow client to be able to contact DHCP server.

Craig

140
Views
0
Helpful
2
Replies