cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.

613
Views
5
Helpful
2
Replies
Highlighted
Cisco Employee

CWA configuration on the WLC under WLAN?

Hi All,

Just a quick sanity check, I'm following the "Central Web Authentication on the WLC and ISE Configuration Example - Cisco" and just wondering if the "P2P Blocking Action" can be set to Drop for the CWA WLAN as this will prevent the clients under the same WLAN not communicating with each other especially for the Guest WLAN.

Screen Shot 2017-05-05 at 5.20.09 pm.png

Please let me know if this will be ok with the CWA Config!

Thanks,

Won

1 ACCEPTED SOLUTION

Accepted Solutions
Highlighted
Contributor

Won-

no worries, I have that enabled as well and all works fine on 8.1.x controller. Your ACL's on the WLC (and ISE) for pre-auth and post-auth can also control what the client can access.

HTH-

Vince

View solution in original post

2 REPLIES 2
Highlighted
Contributor

Won-

no worries, I have that enabled as well and all works fine on 8.1.x controller. Your ACL's on the WLC (and ISE) for pre-auth and post-auth can also control what the client can access.

HTH-

Vince

View solution in original post

Highlighted

Hi Vince,

Thanks for the confirmation on the WLC WLAN Setting to prevent client to client connectivity by enabling " "P2P Blocking Action" to Drop and also configuring Pre-Auth/Post-Auth ACL to achieve similar objective. One of our client is designing a large subnet size for the BYOD (/16) and this large subnet size will require WLC to disable "Broadcast Forwarding" and "P2P Blocking Action: Drop" to prevent broadcast storm etc.

Cheers,

Won