Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
I have three major categories of wireless access "allowance" I am contemplating deploying:1. "true" guest (CWA + sponsor) => guest SSID and guest DMZ (Internet only access)2. employee BYOD (trust the employee based on AD user membership) - different ...
EDIT: looks like my definition of BYOD is confusing, as I do not mean it in the sense of Cisco! I am not planning to onboard employee devices. Just to give them a more lenient Internet access, w/out the constraints of time and sponsor bound requireme...
Thank you for the follow-ups. More comments: guest connections (via "true" or "BYOD") should not land on the internal network => I need to put them in the DMZs IP space, because of security concerns. Creating other subnets/VLANs/routes, in the intern...
That was fast Thank you! Here is a little more, which I may have missed in my original Q (pointers to data flow diagrams would help, if you know of such): I can only allow the internal PSNs to talk to AD, but if ALL guests (true, and BYOD) need to ...
