Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1250
Views
5
Helpful
2
Replies

CWA configuration on the WLC under WLAN?

Go to solution
choiwon
Cisco Employee
Cisco Employee

‎05-05-2017 12:20 AM

Hi All,

Just a quick sanity check, I'm following the "Central Web Authentication on the WLC and ISE Configuration Example - Cisco" and just wondering if the "P2P Blocking Action" can be set to Drop for the CWA WLAN as this will prevent the clients under the same WLAN not communicating with each other especially for the Guest WLAN.

Screen Shot 2017-05-05 at 5.20.09 pm.png

Please let me know if this will be ok with the CWA Config!

Thanks,

Won

1 Accepted Solution

Accepted Solutions

Go to solution
vrostowsky
Level 5
Level 5

‎05-05-2017 09:22 AM

Won-

no worries, I have that enabled as well and all works fine on 8.1.x controller. Your ACL's on the WLC (and ISE) for pre-auth and post-auth can also control what the client can access.

HTH-

Vince

View solution in original post

2 Replies 2

Go to solution
vrostowsky
Level 5
Level 5

‎05-05-2017 09:22 AM

Won-

no worries, I have that enabled as well and all works fine on 8.1.x controller. Your ACL's on the WLC (and ISE) for pre-auth and post-auth can also control what the client can access.

HTH-

Vince

Go to solution
choiwon
Cisco Employee
Cisco Employee
In response to vrostowsky

‎05-07-2017 03:45 PM

Hi Vince,

Thanks for the confirmation on the WLC WLAN Setting to prevent client to client connectivity by enabling " "P2P Blocking Action" to Drop and also configuring Pre-Auth/Post-Auth ACL to achieve similar objective. One of our client is designing a large subnet size for the BYOD (/16) and this large subnet size will require WLC to disable "Broadcast Forwarding" and "P2P Blocking Action: Drop" to prevent broadcast storm etc.

Cheers,

Won

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents