Re: Guest network 1941

silviu1983 · ‎03-10-2020

Hy

I have a question regarding a SOHO.

So I have a network , that has 1 1941 Router, 1 2960 Switch, a Level3 Dlink and TPLINK Switch and a couple of wireless ap

and my question is this

How can I create a separate network for my guests to connect wireless. I mean what is the practical way to do this? and how do i redirect them to my guest network once they are connected ( i am thinking DHCP ,but this is a weak method, because anyone that has some skill about networking can change their ip address and acces my LAN) and btw how do i limit their bandwidth once they are connected?

balaji.bandi · ‎03-11-2020

Below are the steps : (depends on what you have in place to check to support)

1. you need to create a Seperate SSID for Guest

2. tag to redirect portal for guest to access / using pre-defined user ID or auto registration process, (this can is radius or any other method works) - i suggest to have local user ID for guest create - 24hours basis, until this is commercial activity different case

3. give them different DHCP Pool, so you do not have any conflict with local IP address.

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

silviu1983 · ‎03-11-2020

hy

thanks for the reply

so i create a separate SSID , a separate login page and so on. so what i am thinking is like this

i go to my dhcp server and configure it like this

1 i enter the mac address manually for the hosts in my network to have the ips of my main network (ex 192.168.1.x) so for example when i get a request of ip from one of my clients , if the mac is known they will be put in the main network

2 i configure the dhcp that when a new request comes up that the mac address is not known(guests) they will get the ip of another separate network , lets say 10.0.0.x

however what i am asking is this

do i need to segment the network, my main network, so that i have 2 routers . 1 for 192.168.1.x and one for the 10.0.0.x or is it better to create a vlan. what is the most practical way in a production enviroment to do this?

balaji.bandi · ‎03-11-2020

You can do both ways, you can do 2 device if you like to maintain more device.

if you like to shorten the maintenance and cost, 1 device with 2 VLAN should work for you.

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

silviu1983 · ‎03-11-2020

so i will go with vlan

create some ports on my sw 2960 that is part of that vlan (guest network) which i will attach a wireless router that i will use it as an access point to have my clients connect to the internet on my network but not accesing resources on my main network, however...

how can i limit the bandwidth of my guest network? i mean i dont want somebody that connects trough my guest network to access the same bandwidth that i use on my main network . i can see that the speed command has values of 10 100 1000 , but i am more likely to give them speeds like 100kbps

so my question is how do i limit the bandwidth of the clients on my guest network?