We have a Cisco WLC 4400 which supports approximately 100 to 150 guest users at any time. Is there any way to connect a printer the wireless network for some of the clients to use? Sorry for the generalities I just want to know if it is possible.
Support for the Multicast DNS (mDNS) protocol is introduced. Multicast DNS (mDNS) service discovery provides the ability for wireless clients to access Apple services such as Apple Printer and Apple TV advertised in a different Layer 3 network. mDNS performs DNS queries over IP multicast. mDNS supports zero configuration IP networking. As a standard, mDNS uses multicast IP address 18.104.22.168 as the destination address and 5353 as the UDP destination port.
If DHCP required is not configured on the controller, the APs learn the IP address of wireless clients when the wireless clients send out the first IP packet or ARP. If the wireless clients are passive devices, for example, devices that do not initiate a communication, then the APs fails to learn the IP address of the wireless devices. As a result, the controller waits ten seconds for the client to send an IP packet. If there is no response from the packet from the client, then the controller drops any packets to the passive wireless clients. This issue is documented in Cisco bug ID CSCsq46427 (registered customers only)
As a recommended workaround for passive devices like printers, wireless PLC pumps and so forth, you need to set the WLAN for MAC filtering and have AAA override checked in order to allow these devices to be connected.
A MAC address filter can be created on the controller that maps the MAC address of the wireless device to an IP address.
Note: This requires MAC address filtering to be enabled on the WLAN configuration for Layer 2 Security. It also requires Allow AAA Overide to be enabled in the advance settings of the WLAN configuration.
From the CLI, enter this command in order to create the MAC address filter:
config macfilter add <STA MAC addr> <WLAN id> [interface name] [description] [STA IP address]
Here is the complete BUG details about this issue.
Silent client not placed in run state
A wireless device that associates to an access point but does not send any IP
packets will remain in the "DHCP_REQD" state on the WLAN controller. This also
applies when the client device has a static IP address and DHCP address
assignment is set to "not required" in the WLAN configuration.
This only applies to WLAN controller based architecture. Autonomous APs
running IOS code do not track IP addresses of wireless devices.
A MAC address filter can be created on the controller that will map the MAC
address of the wireless device to an IP address. Note: This will require MAC
address filtering to be enabled on the WLAN configuration for Layer2 Security.
It also requires "Allow AAA Overide" to be enabled in the advance settings of
the WLAN configuration. Via CLI this command can be entered to create the MAC
config macfilter add MAC Addr WLAN ID interface
description IP Addr
An alternative option to MAC address filtering would be to configure the
access point into H-REAP mode. Then in the WLAN configuration enable IPv6
support and H-REAP local switching in the advance settings. Uncheck "Learn
Client IP Address" (5.2 and above.)
A template is used to create guest user account in Cisco WCS that can be applied to all controllers that the guest user or users are allowed access. Follow these steps to add a new guest user account to WCS.
Step 1 Choose Configure > Controller Templates.
Step 2 From the left sidebar menu, choose Security > Guest Users.
Step 3 Select Add Guest User from the Select a command drop-down menu and click GO.
Step 4 Enter the guest user name. The maximum is 24 characters.
Step 5 Check the Generate Password check box to auto-generate a password.
Step 6 Select an SSID from the Profile drop-down menu.
This is the SSID to which this guest user applies and must be a WLAN that has Layer 3 web authentication policy configured. Your administrator can advise you which SSID to use.
Step 7 Enter a description of the guest user account.
Step 8 Choose limited or unlimited.
•Limited —From the drop-down menus, choose days, hours, or minutes for the lifetime of this guest user account. The maximum is 35 weeks.
•Unlimited —This user account never expires.
Click Apply To to restrict a guest user to a confined area by selecting a campus, building, or floor so that when applied, only those controllers and associated access points are available. You can also restrict the guest user to a specific listed controller or a configuration group, which is a group of controllers that has been preconfigured by the administrator.
From the drop-down menus, choose one of the following:
•Controller List: Check the check box for the controller(s) for which the guest user account applies. The selected controller is usually the DMZ anchor controller or controller where web authentication is enabled.
•Indoor Area: Choose the applicable campus, building, and floor.
•Outdoor Area: Choose the applicable campus and outdoor area.
•Config Group: Choose the config group to which the guest user account is assigned.
Step 10 Review the disclaimer information. Use the scroll bar to move up and down.
Step 11 Click the check box if you want to set new default disclaimer text for all future guest user accounts.
Step 12 Click Save to save your changes or Cancel to leave the settings unchanged. The Guest User Credentials window appears
Please refer to the below link for more information on the topic :
Yes, you need mDNS AKA Bonjour Gateway functionality.
For converge access wireless setup check the following.
you need mDNS on atleast anchor only for this to work. Anchor WLC advertises Bonjour Multicast packets to Foreign WLC, so that Wireless user can see the service and connect to it and allows the actual w.less bonjour data connection that uses Bonjour unicast tcp traffic to pass from foreign to anchor. "Multicast forwarding from foreign to anchor is not supported until 7.5 code."
If its unified you can check the following link also.
NOte: no need to worry as WLC auto discover it via mDNS, mention in the above link..