02-05-2014 02:21 PM
After setting up a wap551 AP I had to set the guest VLAN ID to 1 which is on the same VLAN as my corporate users. If it is not on VLAN 1 hen it gets no internet access. Any help on is would be appreciated. I did see a post about the WAP321 with the fix being to make the VLAN 2 the managed VLAN. Not a secure fix in my opinion.
In addition, when connecting to the guest ssid they are taken to a cisco authentication page. My client would like them to bypass any pages as they would only have access if we provide it.
Jose
02-06-2014 07:40 AM
I saw your post on the WAP321 thread.
I agree it is not the best solution, It can be used as a workaround. Listed below are the recommendations to security concerns.
1) Problem: If a wireless client knows the IP of the WAP and the username and password they could get into the WAP.
Solution: Setup Management Access Control to an IP outside the DHCP scope for that VLAN and have a Strong Password.
2) Problem: Management of the WAP321 can only be from an IP on the Management VLAN. (In my case 2)
Solution: Setup Management Access Control to an IP outside the DHCP scope for that VLAN and have a Strong Password.
About the authentication page: If Captive Portal (CP) is not enable this should not be happening. Did you use Captive Portal? With CP the minimum that can be enabled is a authentication page where the guest would have to use a name but no password.
But as long as CP is not enable they should be able to get directly out to Internet once the connect to the SSID.
Thanks
Eric Moyers .:|:.:|:.
Cisco Small Business US STAC Advanced Support Engineer
Wireless Subject Matter Expert
CCNA, CCNA-Wireless
02-06-2014 12:49 PM
Thanks for your reply. I am not sure if the CP is enabled or not, as I reset the system three times fighting with the guest access issues. I will take a look at the system as soon as I am able, since it is in a remote location it will take me a bit to get access.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide