I have a 871W at a remote site that VPN's into the corporate office via DSL. Trusted wireless clients are configured for WPA-PKS/TKIP desktops are hard wired. I am trying to configure a guest ssid that has only access to the internet while letting the trusted client use the tunnel. I've been poking at this for a couple of days and I could really use some help.
I've discovered that removing the default dot0 bridge group and creating a new ssid, dot0.x, int vlanx, int bvix and add bridge x route IP, that I can attach to the new group but then I am unable to attach to the WPA group. It seems that the most recent BVI interface assumes the AP identity.
I know this is very vague and I would be glad to post my config. I am really curious if I am trying something that can't be done on the 871W.
I have been fighting the same problem for over 6 months with no help from Cisco TAC. No one in their TAC has any clue about this router. I just don't think it works. I was told you can't do 802.1x with bridge interface so I'm curious how yours is working. I'll be happy to share my config with you. please respond or call me 434 951-3265.
Then use access-lists to control access to and from resources. I have a dsl connected to FA4 and a dialer group that I use to connect to the internet. I have a default route that points to Dialer0 and use a access list to control what traffic gets tunnelled back to the main office. I have had a couple of times where I couldn't ping the internet from the employee SSID but I think it's an ACL problem. (or this is just flaky!!)
Give it a try and let me know if it works for you....I'm going to keep on working on it
Transferring Crash file from standby:
Login to the Active WLC in HA.
(Cisco Controller) >transfer upload datatype crash
(Cisco Controller) >transfer upload filename <Desired filename>
(Cisco Controller) >transfer up...
This is the start of a display filter cross reference between Wireshark and OmniPeek.
The 1st installment is a table of advanced filters. More filters will be added as time allows.
It is a living doc, so check back for changes every so often
Please feel ...
I have created a Powershell script to automatically add a Wireless Guest User on Cisco WLCs. (tested on 2500 Series)
The script should be completely self explanatory.
Powershell SNMP Module (Install-Module -Name SNMP)
SNMP Write Access to...