Public SSID/VLAN config

dsturgeon
Level 1

I will have some outside vendors and support staff using wireless from inside my network. In order to try to set up a "secure" net for them to use that is segmented from the rest of my network, I created a new VLAN (PSPF enabled) and SSID for them. On the VLAN I have set up an ACL and applied it to the incoming traffic. Here it is:

10 permit icmp any any
20 permit udp any eq bootpc any
30 deny tcp any 10.0.0.0 0.255.255.255
40 deny udp any 10.0.0.0 0.255.255.255
50 permit tcp any any eq www
60 permit tcp any any eq 443
70 permit udp any any eq domain
80 deny ip any any log

I have tested it briefly and it appears to be doing what I want. Any recommendations on tweaks?

dave

2 Replies

prakashj
Level 1

Hi dave,

Yes, your condition is correct. You can add the following condition instead of using

'20 permit udp any eq bootpc any'

new

'20 permit udp any any eq bootps'

Are you allowing any Telnet, SSH sessions? If so, apply the condition for the same or block the same.

Regards

Saji k.s

prakashj
Level 1

Hi dave,

Apply this command.

permit udp any any eq bootpc

Regards

saji k.s
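
An added example, not part of the original thread and not Cisco tooling: a small Python model of first-match ACL evaluation, run against the ACL as posted, to check which entry decides a given packet. The parser covers only the syntax used in this ACL, and the guest and internal addresses are constructed assumptions.

```python
import ipaddress

# Port keywords used on the page, then the ACL exactly as posted in the question.
PORTS = {"bootps": 67, "bootpc": 68, "domain": 53, "www": 80}
ACL = """\
10 permit icmp any any
20 permit udp any eq bootpc any
30 deny tcp any 10.0.0.0 0.255.255.255
40 deny udp any 10.0.0.0 0.255.255.255
50 permit tcp any any eq www
60 permit tcp any any eq 443
70 permit udp any any eq domain
80 deny ip any any log
"""

def ip(text):
    return int(ipaddress.IPv4Address(text))

def _side(tok):
    """Consume 'any' or 'base wildcard', then an optional 'eq port'."""
    spec = None if tok[0] == "any" else (ip(tok[0]), ip(tok[1]))
    tok = tok[1:] if spec is None else tok[2:]
    port = None
    if tok[:1] == ["eq"]:
        port, tok = PORTS.get(tok[1]) or int(tok[1]), tok[2:]
    return spec, port, tok

def parse(line):
    tok = line.split()
    src, sport, rest = _side(tok[3:])
    dst, dport, _ = _side(rest)  # a trailing 'log' keyword is ignored
    return int(tok[0]), tok[1], tok[2], src, sport, dst, dport

def _hit(spec, addr):
    # Wildcard bits set to 1 are "don't care"; every other bit must equal the base.
    return spec is None or ((ip(addr) ^ spec[0]) & ~spec[1] & 0xFFFFFFFF) == 0

def evaluate(proto, src, dst, sport=None, dport=None, acl=ACL):
    """Return (sequence, action) of the first matching entry, as IOS does."""
    for seq, action, p, s, sp, d, dp in map(parse, acl.strip().splitlines()):
        if (p in ("ip", proto) and _hit(s, src) and _hit(d, dst)
                and sp in (None, sport) and dp in (None, dport)):
            return seq, action
    return None, "deny"  # implicit deny that ends every ACL

if __name__ == "__main__":
    # Constructed packets; 192.168.50.25 is an assumed guest address, not from the page.
    print(evaluate("icmp", "192.168.50.25", "10.1.1.10"))
    print(evaluate("udp", "192.168.50.25", "10.1.1.53", 50000, 53))
```

With these constructed packets, the ping to 10.1.1.10 is decided by entry 10 and the DNS query to a resolver inside 10.0.0.0/8 by entry 40, so entry order matters if guest DNS is served from the internal range.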
