Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

vWLC and Guest Wired

Ciao,

we are going to test the Guest capabilities of the vWLC (version 7.4.121.0) with no anchor.

The WiFi Guest and authentication works well.

The Wired Guest seems to have problems:

- ip to client is assigned (ok)

- then no packets seems to leave the vWLC (no dns request exit the vWLC for example) nor the auth page comes up

For the last point I was on the ASA and no packets arrives.

 

On vWLC: ingress interface is the L2 vlan, while the egress interface is the L3 vlan (with ASA as gateway)

 

Any suggestion ?

 

Cheers,

L.

  • Security and Network Management
1 ACCEPTED SOLUTION

Accepted Solutions

Restrictions for Configuring

Restrictions for Configuring Wired Guest Access

  • Wired guest access interfaces must be tagged.
  • Wired guest access ports must be in the same Layer 2 network as the foreign controller.
  • Up to five wired guest access LANs can be configured on a controller. Also in a wired guest access LAN, multiple anchors are supported.
  • Layer 3 web authentication and web passthrough are supported for wired guest access clients. Layer 2 security is not supported.
  • Do not trunk a wired guest VLAN to multiple foreign controllers, as it might produce unpredictable results.
3 REPLIES
New Member

Ciao, moving from VDS to

Ciao,

 

moving from VDS to 1000V everything works fine ... in attach the captures (on client side): with 1000V arp resolution for the gateway (10.129.187.25) and DNS lookup work fine (so the authentication)

With VDS the client (Vmware_b7:25:15 - 10.129.187.30) gets stuck with ARP request about the gateway.

 

Ciao!

L.

Restrictions for Configuring

Restrictions for Configuring Wired Guest Access

  • Wired guest access interfaces must be tagged.
  • Wired guest access ports must be in the same Layer 2 network as the foreign controller.
  • Up to five wired guest access LANs can be configured on a controller. Also in a wired guest access LAN, multiple anchors are supported.
  • Layer 3 web authentication and web passthrough are supported for wired guest access clients. Layer 2 security is not supported.
  • Do not trunk a wired guest VLAN to multiple foreign controllers, as it might produce unpredictable results.
New Member

Ciao, the problem was due to

Ciao,

 

the problem was due to bad configuration of the promiscuous mode on the ESX virtual switch ... arghh!!

 

Cheers,

L.

103
Views
0
Helpful
3
Replies