cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
Choose one of the topics below to view our ISE Resources to help you on your journey with ISE

This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.

315
Views
5
Helpful
2
Replies
Highlighted
Cisco Employee

CWA configuration on the WLC under WLAN?

Hi All,

Just a quick sanity check, I'm following the "Central Web Authentication on the WLC and ISE Configuration Example - Cisco" and just wondering if the "P2P Blocking Action" can be set to Drop for the CWA WLAN as this will prevent the clients under the same WLAN not communicating with each other especially for the Guest WLAN.

Screen Shot 2017-05-05 at 5.20.09 pm.png

Please let me know if this will be ok with the CWA Config!

Thanks,

Won

Everyone's tags (2)
1 ACCEPTED SOLUTION

Accepted Solutions
Contributor

Re: CWA configuration on the WLC under WLAN?

Won-

no worries, I have that enabled as well and all works fine on 8.1.x controller. Your ACL's on the WLC (and ISE) for pre-auth and post-auth can also control what the client can access.

HTH-

Vince

2 REPLIES 2
Contributor

Re: CWA configuration on the WLC under WLAN?

Won-

no worries, I have that enabled as well and all works fine on 8.1.x controller. Your ACL's on the WLC (and ISE) for pre-auth and post-auth can also control what the client can access.

HTH-

Vince

Cisco Employee

Re: CWA configuration on the WLC under WLAN?

Hi Vince,

Thanks for the confirmation on the WLC WLAN Setting to prevent client to client connectivity by enabling " "P2P Blocking Action" to Drop and also configuring Pre-Auth/Post-Auth ACL to achieve similar objective. One of our client is designing a large subnet size for the BYOD (/16) and this large subnet size will require WLC to disable "Broadcast Forwarding" and "P2P Blocking Action: Drop" to prevent broadcast storm etc.

Cheers,

Won