Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

VLAN for Wireless network

Dear Team,

If wireless is setup in a corporate network and there is no requirement to provide guest access to outside users, is it still recommended to segregate the Wireless network? What are the advantages for segregating wireless network considering that wireless users will have complete access to corporate network. Kindly share your views if the total number of users in office is less than 50.

Reason is because, we do not have a Layer 3 switch, hence if VLAN is required for small number of users, we will have to enable it on the WAN router.

Would appreciate if you can share any documentation related to best practices. Thank you.

Regards,

Manoj

2 REPLIES

Re: VLAN for Wireless network

Manoj,

I have my wireless users on their own vlan for three main reasons:

1.) Ease of address management (you know when someone is connected wireless versus them pulling from the same data pull as wired devices).

2.) Ease of control as to where they want/need to go. You can put a policy in place if you don't want users doing something, like streaming Netflix.

3.) In relation to #1, you can have a smaller set of addresses to use. If you share the same pool as wired devices, you'll likely need to double that. Most people forget to turn off their wireless when they dock, so they get two addresses. If you have a separate pool for wireless devices, then it won't take up all of your available wired addresses.

HTH,
John

*** Please rate all useful posts ***

HTH, John *** Please rate all useful posts ***

Re: VLAN for Wireless network

Our office has less than 50 people and we only have two access points so we use the same Vlan/subnet for Wired and Wireless Traffic.

It was setup before I started but if I was tasked with redesigning it, I would seperate them for the reasons stated above by John.

Seperate Vlans gives you more control but if its not going to be cost effective or benefitial to seperate them then don't. Just because its best practice does not mean you must do it.

John makes a good point about the addresses though, you would likely need to have a bigger subnet or look at reducing your DHCP lease times for wireless devices to prevent running out.

101
Views
4
Helpful
2
Replies