09-10-2012 11:35 AM - edited 07-03-2021 10:38 PM
On our corporate WLAN we are using 802.1x, but we would like to redirect our guest traffic to a Nomadix box for the ULA acceptance. I have set up a guest SSID and have configured it to redirect to the box, but when you try to browse when connected to the guest SSID, it flaps between being redirected to the Nomadix box (10.1.101.2) and 1.1.1.1. Below is a screenshot of the WLC config.
09-10-2012 08:51 PM
Hi
When you use a guest box you don't want to use any of the guest features like redirect in the wlc because your nomad box is going to handle this.
You want a open network and direct your dynamic interface gateway address to the ip address of your nomad box.
Any traffic generated off subnet goes to the default gateway which is the nomad. Nomad present the screen and once accepted allows the traffic to pass.
Again going off memory will confirm tomorrow for you .. Just thinking out loud ...
Sent from Cisco Technical Support iPhone App
09-11-2012 05:22 AM
We have the same setup,. uncheck the Web polcy and use the default nomadix ip as the gateway. Thanks George for the heads up on this issue. Glad to provide any info needed to assist
09-11-2012 12:46 PM
Perfect. Just to clarify though, I would change the default gateway on the interface on the WLC correct? Or do I need to change the gateway supplied by DHCP to the clients?
09-11-2012 12:56 PM
Correct, just the dynamic interface GW on the WLC. So as traffic comes into the WLC it is then sent directly to the nomad box. Clients you leave alone, they will still point at the router gw.
If this works for ya, please remeember to mark the question as anwsered. It will help others find it quickly if they have the same issue.
__________________________________________________________________________________________
"Satisfaction does not come from knowing the solution, it comes from knowing why." - Rosalind Franklin
09-11-2012 12:57 PM
Criag,
Thanks for stopping by. It was a bit ago that we set up that box...
__________________________________________________________________________________________
"Satisfaction does not come from knowing the solution, it comes from knowing why." - Rosalind Franklin
09-11-2012 01:00 PM
Great! I'll have a window later this week. I'll update how it went.
Thanks!
09-13-2012 12:58 PM
So, in order to set up the Nomadix as the gateway on the guest wireless interface, the Nomadix has to be on the same subnet at the guest wireless. Now my question is how to cable the Nomadix box. It has the 2 ports (WAN/LAN). I could change the ip to be on the guest network, but would I then put both ports in that Vlan on the switch?? Doesn't seem right to me.
The recommended setup is to have it between the switch and external router, but then I don't want that uplink to be on the guest wireless subnet....
09-13-2012 01:31 PM
Going off memory here.
We had 1 cable from the WLC plugged into the NOMAD LAN port (Layer 2). Then from the NOMAD WAN we plugged this into a swiitch in the DMZ and out.
WLC----NOMAD-----DMZ
I dont recall if the WAN was on a differernt subnet. I suspect it will need to be unless the NOMAD does routing. I dont recall. What does your manual say ?
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide