Limit Guests Network Access

Corneliu Paunescu · ‎02-14-2014

Im trying to limit our guests from accessing our internal network, but give them access to the internet.

Here is my setup.

Site 1 - Data Center - Internet Connection

Site 1- Wireless Guests

Data Center - Servers, Important data, etc.

Internet Connetion - Going out thru the DataCenter.

Site 1 we have wireless guests that come in all the time. I dont want them to have access to our internal network and servers, so I want to limit them to the internet ONLY.

We created a Guests SSID for the wireless connection.

Now I want that vlan/network to ONLY go to our internet connection in the DataCenter.

Site 1 to DataCenter

Cisco 3550x to Cisco 3550x

Connected via Gibabit Ethernet

DataCenter Internet connected via one of the ports on the 3550x

What type of routing would I need to configure for this to work?

paul driver · ‎02-14-2014

Hello

You have a few options here

Pvlans
Vacls
L3 acls

I think the easiest option is to try and use the latter (l3 acls)

Access-list 100 deny (guest vlan ip range) (destination ip range)
Access-list 100 permit any any

Int vlan xxx (guest vlan)
Ip access-group 100 in

Res
Paul

Sent from Cisco Technical Support iPad App

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul