I have the following scenario and I would like to ask for advice.
We are designing a wireless network with "private" and "public" access. "Private" can access the Internet and the Intranet and "Public" can only access the Internet. After authentication we want to tunnel the traffic from the "Public" WLAN to a secure point, it could be a Firewall, an IPS or a Wireless Controller.
My understanding is that the scenario can be built using Light Access Points and Wireless Controllers by tunnelling the traffic of the SSID Public and Private from the AP to the Controller but I have found any configuration document to verify it.
Also, we would like to build a pilot with a single AP. In this case, it is possible to create a tunnel (may be GRE) between the AP and a FW or a router? Also for this pilot we would need an AP capable to work standalone or with a controller. Is the Cisco Aironet 1240G suitable for this?
Finally, any link about similar scenarios and how to configure them would be very appreciated.
i came across the same scenario, as it was a routing in between same facility, so i used VRF-Lite to keep the traffic seperated and pass on the traffic to firewall for internet.
i would realy like to see any practical configurations/answer to your post.
P.S: For what i can tell, you can have a Wireless controller card in your router i.e. 3700,3800 series and controller can then bridge the traffic to it. Sorry i haven't yet implemented it so no configurations.
um its been a time we implemented this but if your plan & deisgn is good, it should not affect any thing .
the only thing negative i remmember was that - you can associate the interface with only one VRF (in some scenarios it affects your other applications).
You can use SVI for a specific VLAN (say wireless) and put your APs port in that VLAN. Then you'll need routed ports between your primary and secondary device (say router) to put traffic on. If you face any issue while implementation, i can rebuild the lab again - let me know about it.
Transferring Crash file from standby:
Login to the Active WLC in HA.
(Cisco Controller) >transfer upload datatype crash
(Cisco Controller) >transfer upload filename <Desired filename>
(Cisco Controller) >transfer up...
This is the start of a display filter cross reference between Wireshark and OmniPeek.
The 1st installment is a table of advanced filters. More filters will be added as time allows.
It is a living doc, so check back for changes every so often
Please feel ...
I have created a Powershell script to automatically add a Wireless Guest User on Cisco WLCs. (tested on 2500 Series)
The script should be completely self explanatory.
Powershell SNMP Module (Install-Module -Name SNMP)
SNMP Write Access to...