05-05-2017 12:20 AM
Hi All,
Just a quick sanity check, I'm following the "Central Web Authentication on the WLC and ISE Configuration Example - Cisco" and just wondering if the "P2P Blocking Action" can be set to Drop for the CWA WLAN as this will prevent the clients under the same WLAN not communicating with each other especially for the Guest WLAN.
Please let me know if this will be ok with the CWA Config!
Thanks,
Won
Solved! Go to Solution.
05-05-2017 09:22 AM
Won-
no worries, I have that enabled as well and all works fine on 8.1.x controller. Your ACL's on the WLC (and ISE) for pre-auth and post-auth can also control what the client can access.
HTH-
Vince
05-05-2017 09:22 AM
Won-
no worries, I have that enabled as well and all works fine on 8.1.x controller. Your ACL's on the WLC (and ISE) for pre-auth and post-auth can also control what the client can access.
HTH-
Vince
05-07-2017 03:45 PM
Hi Vince,
Thanks for the confirmation on the WLC WLAN Setting to prevent client to client connectivity by enabling " "P2P Blocking Action" to Drop and also configuring Pre-Auth/Post-Auth ACL to achieve similar objective. One of our client is designing a large subnet size for the BYOD (/16) and this large subnet size will require WLC to disable "Broadcast Forwarding" and "P2P Blocking Action: Drop" to prevent broadcast storm etc.
Cheers,
Won
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide