Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
390
Views
3
Helpful
2
Replies

can't get two ssid/vlans to work on 1231G

aoshea
Level 1
Level 1

‎12-08-2006 02:23 PM - edited ‎07-03-2021 01:21 PM

Dear Support,

Tried to configure another AP for one of our offices, currently they have an unsecure guest WLAN, and the aim was to add another AP and configure both AP's (one 1120 and a 1231) for two WLANs, one being secure with authentication via an IAS server.

I've tested the config with a single secure WLAN, and this works, which is on the user VLAN 1.

But when I try to get both WLANs working, the guest WLAN terminates on the DMZ port of a pix, it doesn't work. I have configured the rules to pass radius udp ports over the pix.

dmz 192.168.1.x /24

internal 10.10.10.x /24

Can anyone help or advise me where to look.

I always rate helpful answers.

Thanks in advance.

Best regards, Adrian.

Labels:
Preview file
4 KB
Preview file
3 KB
0 Helpful
2 Replies 2

Stephen Rodriguez
Cisco Employee
Cisco Employee

‎12-08-2006 03:03 PM

Remove the Mobiltiy Network-id commands from the SSIDs. Those commands are not needed in your configuration. You also have the native vlan/subnet as your guest network and not the internal network. I would recommend changing the config so that all the .1 interfaces are in bridge-group 1 with the native commands, and you put the .2's in the bridge-group 254.

HTH,
Steve

------------------------------------------------------------------------------------------------
Please remember to rate useful posts, and mark questions as answered

aoshea
Level 1
Level 1
In response to Stephen Rodriguez

‎12-12-2006 04:40 AM

Hi Stephen,

Many thanks for the advise, the reason why I made the native vlan (192.168.1.x/24) the primary was that I was concerned about security. Obviously if you think it should be secure on the internal network, then I give that a go.

At the moment, i'm still not sure if I should be broadcasting the ssid of the secure wlan, or just the open (unsecure) wlan. What are your suggestions? Also I am still a little confused why you can only broadcast one ssid, and not both ... can you advise me the best practise for this, should I just broadcast the public wlan, and leave the secure one silent ... or advertise it through the extended settings ?

thanks again.

Best regards, Adrian.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card