Guest Wireless access through inside interface

ethutchinson · ‎12-10-2013

We have inherited a Cisco wireless lan controller 4400 and about

25 Cisco Aironet 802.11 a/b/g access points. I wanted to set

this up on our ASA 5510 using the inside interface for guest

access( Using the inside interface was the suggestion of a co-worker)

Vlans are setup for the Wireless controller and the

APs to my Wireless switch. If I setup a subinterface of the inside

interface and then setup the vlan for that subinterface how should

I setup the global PAT for that subinterface? And then how would I setup

the ACL to allow the guest access off the APs. I am a little

fuzzy on this so please excuse the possible holes or misinformation.

I just need a little design guidance.

Thanks

Julio Carvajal · ‎12-10-2013

Hello,

The NAT for that interface would be the same as for any other interface. Just determine whether you want just the inside users to access the internet or if you want the outside users to also connect to this devices.

Now for the ACL it would depend. If you are trying to set the interface as inside then it will have a security level of 100 hundred which means it's the highest security level possible. No need for an ACL if want to access the outside or any other lower security level.

Rate all of the helpful posts!!!

Regards,

Jcarvaja

Follow me on http://laguiadelnetworking.com

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC