02-11-2012 09:31 AM - edited 03-04-2019 03:13 PM
I am running a /24 network in Active Directory with my ASA acting as gateway and firewall. Standard interfaces (Ethernet 0/0 as outside, Ethernet 0/1 as inside)
As of now I have no VLans set up, but I need to setup wireless Internet access for guests... I need directions on how to setup a Vlan with its on DHCP for these aguests... I can then make sure that my APs can be pointed to the same VLAN... I am not familiar with CLI, have generally used ASDM. I am currently running ASDM 6.3(1) on an ASA with version 8.3(1).
This is something I need to do quickly as we are expecting 20-40 "guests" shortly, and I don't want them to use our internal DHCP server addresses.
Thanks
Stephan
02-11-2012 11:12 AM
Hi Stephan,
You would have to create sub-interfaces on the ASA inside port to accomodate both the LAN as well as guest vlan but do keep in mind that it MIGHT involve a downtime and make sure you are CONSOLED into the ASA as you'd be making changes on the inside interface itself.
Check this document for Sub-interface creation on the ASA using CLI:
https://learningnetwork.cisco.com/thread/10502
After this follwoing tasks need to be completed:
- You'd have to enable NAT for the new VLAN
- Enable DHCP for this new vlan and both of this can be accomplished using ASDM
- Make the port on the switch connected to the ASA as Trunk
- Create this new vlan on the switch where the AP is connected
Hope it helps
Neeraj
02-12-2012 05:46 AM
Hi Stephan,
You may want to use one of the avilable ports on 5510 and create DMZ, unless you want to create a inside Vlan for guests.
AP can point to DMZ and AP also should be able to act as DHCP (if not ASA/DMZ can be your DHCP server for clients). Configure ASA to 'nat (DMZ,Outside)' and use public DNS servers for the guests.
hth
MS
02-12-2012 07:55 PM
Google "cisco smart business architecture"
Design/Configuration guides for everything you need.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide