I am planning to add a guest SSID to my wireless network. I currently have AP-1231g access points configured as wpa using private certificates and a RADIUS server for authentication. I have added the guest SSID and created a vlan for it. What I am trying to figure out is the best solution for DHCP. Currently my private network uses a Microsoft server for dhcp. Unfortunately I cannot re-number my LAN to carve out a subnet for my guest users. I do not want them to be able to browse my internal network nor do I wish to enter static addresses for them. My edge firewall is a Cisco ASA5550 and I have an open port there. Would it be possible to enable dhcp on that interface and assign it to the same vlan as the guest SSID? Would I encounter issues with the access points and two different dhcp servers?
Think you'd be OK with that plan. There won't be a problem with having two different DHCP servers available to the APs as the DHCP server the client will request an address from depends on the SSID they connect to. If they connect to the corporate SSID they get an address from yuor Windows server, if the guest SSID, from the DHCP server running on the ASA.
I have successfully configured the interface on the ASA for dhcp. When I connect directly to the interface I receive an ip address. I created a vlan on the 3500XL switch the access point is plugged into and made sure the SSID is associated with this vlan. I do not receive an ip address when I connect to the SSID. I suspect this is because I cannot figure out how to apply an ip helper address to the vlan I created on the 3500XL switch. The ports between the switches have been configured as trunk ports. I tried using the ip redirect on the access point itself but that failed as well. Any suggestions?