Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Flex Connect Central Auth Local Sw+WiredGuest+802.1x by the WAN

Hello my name is Ivan

I would like to authenticate users guest using wired guest through of my wireless network.

I  have a deployment using flex connect in all my sites remotes. My wlc is  in a site A and I try to authenticate users in a site B using wired  guest.

From  the guest user in the site B, he needs to see the web authentication  portal (of the WLC) in the vlan guest. After the user will put the  credentials of the local database of the Cisco WLC (Lobby Ambassador) to  his authenticate

Flex  Connect is using Central Authentication Local Switching. The vlan guest  to the wired guest is the same to the wireless guest user. This vlan  can not pass the wan network

Is possible to do it?

the configuration in the port of the switch is

dot1x guest-vlan supplicant

!

interface gig 0/A

switchport access vlan 50

switchport mode access

switchport voice vlan 40

ip access-group ACL-AUTENTICACION in

authentication event action fail action next-method

authentication event no-response action authorize vlan (vlan guest)

authentication host-mode multi-domain

authentication order mab dot1x webauth

authentication priority dot1x mab webauth

authentication port-control auto

authentication violation protect

mab

dot1x pae authenticator

dot1x timeout tx-period 10

spanning-tree portfast

spanning-tree bpduguard enable

!

Please could you help me.

Thanks

Ivan.

Scenary

Site A     ---------- WAN------------   Site B

Cisco WLC         FlexConnect     AP+Switch2960S+WiredGuest

WiredGuest --- must use Portal Web Authentication of the WLC

1 REPLY
Hall of Fame Super Silver

Flex Connect Central Auth Local Sw+WiredGuest+802.1x by the WAN

The vlan has to be on the same layer2

Wired guest access ports must be in the same Layer 2 network as the foreign controller.

http://www.cisco.com/en/US/docs/wireless/controller/7.2/configuration/guide/cg_user_accts.html#wp1066278

Thanks,

Scott

Help out other by using the rating system and marking answered questions as "Answered"

-Scott
*** Please rate helpful posts ***
185
Views
0
Helpful
1
Replies
CreatePlease login to create content