cancel
Showing results for 
Search instead for 
Did you mean: 
cancel

2500 seriesWireless Controller configuration

scottcummins
Beginner
Beginner

Good Day Cisco Gurus

 

I currently have two 2500 series Controllers that re set up as an HA pair, I have two wireless networks configured.

 

Guest: the guest is currently configured to allow access to the domain resources, I inherited these controllers and am trying to reconfigure the guest network to be a true guest network with access only to the internet and allowing guest access through the ISE device we have as well which will supply a temp password using an e-maill adrerss they provide and a password supplied by the ISE

 

Internal: the internal domain I want to ensure is configured so that employees have to log in using their AD credentials and has access to CERTIAN domain assets. 

 

I know this is a general and over arching question about generl configuration. If someone could pont me to any documentation on exactly how to configure it or even some sample configurations it would be greatly appreicated 

 

Thank you very much

2 ACCEPTED SOLUTIONS

Accepted Solutions

Flavio Miranda
Advisor
Advisor

Hi

 You can find tons of documentation talking about detailed guest implementation on the internet. It is actually quite simple the WLC part. The ISE part may be more complex. 

 Guest:

https://www.cisco.com/c/en/us/support/docs/wireless-mobility/wlan-security/69340-web-auth-config.html

 

Corp:

https://www.cisco.com/c/en/us/support/docs/wireless-mobility/wireless-lan-wlan/201044-802-1x-authentication-with-PEAP-ISE-2-1.html

 

 

-If I helped you somehow, please, rate it as useful.-

View solution in original post

For the resources they are allowed to access, you could use ACLs on the WLC. But if you have a central firewall, then I suggest to use that one to steer the access.

View solution in original post

3 REPLIES 3

Flavio Miranda
Advisor
Advisor

Hi

 You can find tons of documentation talking about detailed guest implementation on the internet. It is actually quite simple the WLC part. The ISE part may be more complex. 

 Guest:

https://www.cisco.com/c/en/us/support/docs/wireless-mobility/wlan-security/69340-web-auth-config.html

 

Corp:

https://www.cisco.com/c/en/us/support/docs/wireless-mobility/wireless-lan-wlan/201044-802-1x-authentication-with-PEAP-ISE-2-1.html

 

 

-If I helped you somehow, please, rate it as useful.-

Flavio

 

Thanks so much, I wiull utilize the articles and return to give an update

For the resources they are allowed to access, you could use ACLs on the WLC. But if you have a central firewall, then I suggest to use that one to steer the access.
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: