Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1501
Views
0
Helpful
5
Replies

Guest Network

shaikh.zaid22
Level 1
Level 1

‎12-05-2020 05:03 AM

Hi guys,

 

I have ftd firewall managed via FMC, facing some problem with my guest wireless network.

The infrastructure is, we have some services published over internet for public access, on the ftd i have done some NATs and access policy configured. the Guest wireless network also terminates on the ftd.

All the published services are accesible internally( within my org network addresses) as well as from outside ( like mobile data and home wifi), however when i connect my laptop to my organisation Guest SSID and try to access the same published services it fails. the page doesnt open. Also i  noticed is that when i do ping to my URL am seeing the internal natted IP instead of the public IP.

 

Same scenario i repeated in my home wifi, the services am able to access succesfully and am seeing the proper public ip address when i ping the URL.

 Can anyone giude my where am goin wrong.

0 Helpful
5 Replies 5

MHM Cisco World
VIP
VIP

‎12-05-2020 05:50 AM

Guest Wireless User is user which can access some service and can not access other, this is depend on ACL under WLAN of guest, check it.

0 Helpful

shaikh.zaid22
Level 1
Level 1
In response to MHM Cisco World

‎12-05-2020 06:08 AM

Thanks for the reply...

 

theres no ACL defined explicitly on WLAN.. but yes there are some services which works and some does not. 

0 Helpful

shaikh.zaid22
Level 1
Level 1
In response to shaikh.zaid22

‎12-06-2020 08:33 AM

Still not resolved confused... also i found that when i connect to the guest network and try to download anything eg: firmware, its been too slow around 10kbps, wondering why... Secondly as soon as i connect to different network and do the same it works fine with considerable speed. Am new to ftd and fmc still learning to go around tabs.

any help would be appreciated

0 Helpful

MHM Cisco World
VIP
VIP

‎12-08-2020 06:58 AM

we start guest journey in wireless,

1-first the guest will select SSID, 

the SSID "WLAN" as I mention have it ACL to permit or deny some service this can check via below name of ACL 
and them from WLC security you can see what this ACL permit or deny.

wlc-acl04.png

2- SSID <-> VLAN we must know the VLAN ID for this SSID guest

this VLAN can help us to go to SW to check the QoS for port for this VLAN and see why the other VLAN have good internet connection and this VLAN have not.

 

0 Helpful

shaikh.zaid22
Level 1
Level 1
In response to MHM Cisco World

‎12-08-2020 09:26 PM

Thanks MHM for your response.

I found out the issue after discussing with my collegue, the DNS mentioned in the DHCP pool is our ISPs DNS, due to which its blocking/not resolving the URLs in questions.

As soon as i update it with a public dns, all works fine as desired.

Secondly, the download speed also increases due to this change.

So will take appropriate steps of how fixing it permenently.

Thank you MHMCISCO for you insights.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card