Then you need to configure “wired-guest” WLAN for the mobility anchor as shown in the below. Then ensure Anchor Controller is added to mobility list. Since I have configured my users on ACS, I have added it as AAA server. 元 Authentication can be Web-Auth, Pass through or None. In the WLAN edit page you have to select “wired-guest” interface you created as ingress interface & any other interface as egress (Usually keep management as egress interface). You can define 5 different Guest LAN on your controller & there for ID number should be between 1-5. Type should be “Guest LAN” in this scenario. Then you need to create a WLAN to support these wired guest users. Ensure you tick “Guest LAN” option as shown in the below. Now in WLC2, you can first define a “wired-guest” interface. Switchport trunk allowed vlan 1-17,19-4094 In CAT3 switch configuration should look like this. (In practical deployment scenario you does not require this) Layer 3 interface for this defined on CAT2, but there are no layer 2 connectivity on this VLAN between CAT2 & CAT3. To simulate vlan isolation in Anchor & foreign WLCs & I have created an isolated layer 2 vlan (vlan 18 named WIRED- GUEST) on CAT3 which is not allow to CAT2 via the trunk link. To test this out (scenario 2), I have used below topology. Therefore vlans defined on your inside network is not span into DMZ. Ideally your Mobility Anchor WLC will be in DMZ & foreign WLCs will be inside of your network. After it completes the authentication, the client is allowed to send/receive. After a successful handoff of the client to the DMZ anchor controller, the DHCP IP address assignment, authentication of the client, etc. This local WLC anchors the client onto a DMZ Anchor WLC that is configured for wired and wireless guest access. Two WLAN controllers (Auto Anchor mode) – the access switch trunks the wired guest traffic to a local WLC (the controller nearest to the access switch).This controller carries out the VLAN translation from the ingress wired guest VLAN to the egress VLAN. A single WLAN controller (VLAN Translation mode) – the access switch trunks the wired guest traffic in the guest VLAN to the WLC that provides the wired guest access solution.Two separate solutions are available for this: In this post we will see how to configure this Wired Guest Access service. Like we configured guest access service for wireless users, same feature can be extended to wired guest users using WLC configuration.
0 Comments
Leave a Reply. |