Restric Access to Captive Portal after successfull authenticatio

EDDY MULDER · ‎10-02-2012

I have setup a WAP321 with the captive portal activated.

2 WLAN networks defined, one for the Normal-user and 1 Guest-user access (with captive portal).

The WAP Management is on its own vlan (vlan 1 ) , network 10.0.0.0 /24

The Normal network has a different vlan (vlan 14) , network 192.168.14.0/24

Guest user(s) are on VLAN143 , 172.16.10.0 /24

So when a guest connects to the wap, the management interface is openend (10.0.0.x), after successfull authentication the user is redirected to a predefined site.

What i would like to establish is to make it impossible for the Guest-user(s) to access the management portal.

Defining an acl on the management portal is not possible as i would like to use any ip adres on the Normal Network (192.168.14.0/24).

unfortunally you can only define 5 Fixed ipaddresses and not a (sub)-network.

regards

eddy

jurodri3 · ‎10-16-2012

Good morning Mr. Mulder,

It it possible to set and access-list on your WAP321 that restrict access from users on the complete network 172.16.10.0/24.

Let me share with you the information found on guide me section on this forum about this topic.

I encourage you to make use of this useful tool if you have any other question about configuration on the future.

http://sbkb.cisco.com/CiscoSB/ukp.aspx?vw=1&docid=c1a32843a14846af8c20a91532c39d16_acl.xml&pid=4&fcid=&fpid=&slnid=6

Check the section 6, where you could set the configuration using the network 172.16.10.0/24 as source address and 10.0.0.0 /24 as destination.

hope you find this answer useful, if it was satisfactory for you, please mark the question as Answered.

Thank you

Diego Rodriguez.

Cisco network engineer

Restric Access to Captive Portal after successfull authentication