Cisco Support Community
Community Member

Dual SSID's

I am looking into purchasing 2 1131AG's. What I want to do is have 1 access point on each floor of my buidling, 2 floors total. Now I want to make sure that when an employee gets on with a wireless laptop, he can access the wireless network with full permissions. When a guest comes, I want him to access only the internet and no internal network.

This brings me to create 2 seperate SSID's. One for Internal Network and one for Guests.

Is it possible to setup 2 different SSID's on both Access points in this way so that a guest or employee walks between floors and has uninteruppted connectivity?

These access points will be connected to Cisco 3750 Layer 3 switches in a Windows server 2003 environment.

Users will have mixed vendor Wireless A G and B wireless network cards.

Can this be possible ?


Re: Dual SSID's

Assuming you have the coverage you need with one AP per floor, yes, it's certainly possible.

Set up two VLANs, assign an SSID to each. Set up your L3 switch for trunking the two VLANs. Forward the traffic from your guest VLAN to your Internet Gateway device, Send the traffic for the internal network to your network gateway device (putting that VLAN in a DMZ would be a good thing.

Put in some ACLs for good measure, establish whatever encryption you feel appropriate, and you're good-to-go.

The MS IAS can only handle PEAP, EAP-TLS, EAP-TTLS, and (probably) MD5. Using MS-CHAPv2 for internal auth is recommended. Microsoft has some pretty good white papers on setting all of this up on their site.

Good Luck


CreatePlease to create content