cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1693
Views
0
Helpful
3
Replies

How to setup a VLAN in Cisco ASA5510 for guest wireless access

sglantos04
Level 1
Level 1

I am running a /24 network in Active Directory with my ASA acting as gateway and firewall.  Standard interfaces (Ethernet 0/0 as outside, Ethernet 0/1 as inside)

As of now I have no VLans set up, but I need to setup wireless Internet access for guests...  I need directions on how to setup a Vlan with its on DHCP for these aguests...  I can then make sure that my APs can be pointed to the same VLAN...  I am not familiar with CLI, have generally used ASDM. I am currently running ASDM 6.3(1) on an ASA with version 8.3(1).

This is something I need to do quickly as we are expecting 20-40 "guests" shortly, and I don't want them to use our internal DHCP server addresses.

Thanks

Stephan

3 Replies 3

Neeraj Arora
Level 3
Level 3

Hi Stephan,

You would have to create sub-interfaces on the ASA inside port to accomodate both the LAN as well as guest vlan but do keep in mind that it MIGHT involve a downtime and make sure you are CONSOLED into the ASA as you'd be making changes on the inside interface itself.

Check this document for Sub-interface creation on the ASA using CLI:

https://learningnetwork.cisco.com/thread/10502

After this follwoing tasks need to be completed:

- You'd have to enable NAT for the new VLAN

- Enable DHCP for this new vlan and both of this can be accomplished using ASDM

- Make the port on the switch connected to the ASA as Trunk

- Create this new vlan on the switch where the AP is connected

Hope it helps

Neeraj

Hi Stephan,

You may want to use one of the avilable ports on 5510 and create DMZ, unless you want to create a inside Vlan for guests.

AP can point to DMZ and AP also should be able to act as DHCP (if not ASA/DMZ can be your DHCP server for clients). Configure ASA to 'nat (DMZ,Outside)' and use public DNS servers for the guests.

hth

MS

Google "cisco smart business architecture"

Design/Configuration guides for everything you need.

CCIE 26175
www.techsnips.com
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco