03-04-2015 02:37 PM - edited 07-05-2021 02:39 AM
Hi,
I am trying to understand how I can achieve this but not 100% sure.
We have a 5760 controller and over 50 APs. This is working fine at present for normal operation.
Now, we want a new SSID for guest users, but we are not wanting to use the built in layer 3 / webauth system.
Instead, we are using a Mikrotik gateway which will handle all traffic on the Guest SSID.
So basically:
Client > Guest SSID on Controller > Mikrotik (handles DHCP and webauth).
So, all I need is to make all traffic from people connecting to this Guest SSID to be passed through the controller and straight to a LAN port on the Mikrotik which will then capture all traffic and do DHCP etc.
How can i map the guest SSID to a physical port on the controller so I can then connect an ethernet cable between that and the Mikrotik?
Thanks,
James
03-04-2015 05:13 PM
5760 act as L2 device, so if you make the L3 interface of your guest vlan on Mikrotik, then that would be the gateway for your guest traffic.
You cannot bypass 5760 as CAPWAP terminate on that, so SSID traffic has to go through 5760, but L3 termination can be a different devices on your network.
HTH
Rasika
03-05-2015 12:08 AM
Hi Rasika
Thanks, I understand that, but how to map a physical port on the 5760 so that all traffic from this particular guest SSID can be sent by ethernet cable straight in to the Mikrotik device?
Cheers
James
03-05-2015 07:04 AM
On a WLC with AireOS, I would do this by:
When I connect to the SSID it then passes all traffic out via the physical port 4 in to my own gateway that handles DHCP, captive portal etc.
But on the 5760, I'm not sure how this is done. Please can you advise?
See attachment
Thanks
03-05-2015 10:59 AM
You can try to configure one of 10G port on 5760 to access port & assign it to the vlan you want for the guest. On the normal trunk port /LAG, remove that vlan assign to guest.
Give it a try & see. From logical point of view that should work
HTH
Rasika
**** Pls rate all useful responses ****
03-07-2015 01:34 PM
The Mikrotik doesn't have 10Gig, so I've now got a 3750 switch in between. Having trouble getting the traffic to the Mikrotik.
We now have on-site:
5760 Controller > 3750 Switch > Mikrotik
Trying to get the traffic from the Guest SSID to the Mikrotik.
So on the controller, we have created a vlan id (trunk) of 1001 and assigned it to a physical (10Gig) port, and then set the WLAN SSID to use this vlan.
That physical port then goes in to the switch (10Gig) port, and we have set the port to the same vlan id (trunk).
We have then mapped a (1Gig) port on the switch with the same vlan id (access) which then plugs in to the Mikrotik.
Traffic isn’t getting to the Mikrotik however. Any idea what I’ve done wrong?
Did I get mixed up with trunk/access? The Mikrotik does not need to know about the VLAN, it just takes all traffic coming in the ethernet port (hence why I set it as access vlan)
What did I miss?
Thanks
James
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide