11-28-2011 09:32 AM - edited 07-03-2021 09:08 PM
Hi,
I have WLC5500 series in headquarters and several branch offices. I have configured in headquarters a wlan for employees and another wlan for guest users.
In the branch offices I have configured wlan for employees and now I´m trying to configure wlan for guest users in one of this bran offices.
I´ve already created vlan for guest users (vlan 10) in the switches and I´ve assigned a new port from the Cisco ASA in the branch office for this vlan with a DHCP server (10.7.7.0/24).
Then, I have created a dynamic interface in WLC with the same vlan id number than in the remote guest vlan (10) and I have assigned to this dynamic interface an ip address (10.7.7.3) and a dhcp server 10.7.7.1 (guest interface from cisco asa in branch office).
After this, I have created wlan with webauth and HREAP.
When i try to connect one remote computer to this wlan, it´s connect to wlan but the ip address the is assigned to this laptop is from employees network and not from guest network.
Would be possible this configuration ? .Could you assist me to solve this issue?
Thanks im advance
Solved! Go to Solution.
11-28-2011 09:40 AM
In the h-reap ap, there is a tab for h-reap. In there you specify the native vlan and then you can specify the SSID vlan mapping. The port the ap is connected to needs to be a trunk port also.
http://www.cisco.com/en/US/products/ps10315/products_tech_note09186a0080736123.shtml
Sent from my iPhone
11-28-2011 09:40 AM
In the h-reap ap, there is a tab for h-reap. In there you specify the native vlan and then you can specify the SSID vlan mapping. The port the ap is connected to needs to be a trunk port also.
http://www.cisco.com/en/US/products/ps10315/products_tech_note09186a0080736123.shtml
Sent from my iPhone
11-28-2011 09:53 AM
Hello Scott,
I´m going to check it.
Thanks for your help
11-28-2011 10:00 AM
Javi,
You do not need a dynamic interface on the wlc if you are wanting to place users on the local (remote) subnet. That is where the vlan mapping in the h-reap ap comes into play. It your SSID is not set to local switching, then the traffic is tunneled back to the wlc and then you would need the dynamic interface on the wlc. In order to use a subnet at the remote site, you need h-reap local switching checked on the WLAN SSID advanced tab. This gives you the option of setting the said to vlan mapping.
Sent from Cisco Technical Support iPhone App
11-28-2011 10:06 AM
Then, In the general Wlan tab where I have to put the interface. Which interface should i configure? management?
Regards,
Javi
11-28-2011 10:10 AM
If you have AP's in local mode like in your HQ, then you would used that dynamic interface. For h-reap AP's, the SSID mapping is used.
Sent from Cisco Technical Support iPhone App
11-28-2011 10:21 AM
ahh ok, then if I have not any wlan in local mode in this AP, this option, we could say that is disabled or it´s not used.
11-28-2011 10:32 AM
Correct...
Most of the time you would see AP's in local mode because a company has AP's in the same building as where the WLC is located. This is where you would use the interface on the WLAN SSID tab. Then companies want to cover remote sites without having to purchase more WLCs for each site. These AP's would be configured for h-reap mode. Now depending if you want to tunnel traffic back (h-reap local switching disabled) or drop traffic off at the remote site (h-reap local switching enabled), it your choice. AP's in local mode are connected to an access port while h-reap AP's are on a dot1q trunk.
Sent from my iPhone
11-28-2011 12:12 PM
Ok, good explanation. I´ll chek it tomorrow.
Thanks for your help
11-29-2011 03:41 AM
Perfect!! Works fine!!
Thanks
11-29-2011 05:31 AM
Javi,
Glad it worked:)
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide