Hi,

Thanks for the swift response.

The document is a bit long and so i am going to ask the following to save some time:

There are two sites

Site A has the controller 4402 and remote site has six aps. the customer would like to have guest account access at the remote site. The internet connection is located at the main site.

I am trying to understand how the process of connecting to a Guest SSID at the remote site works. I need to add a new guest network at the remote site however can a local dhcp server at the remote site dispatch ips when authenticated?

Can you give an example?

It's not too difficult.

Take your WLAN check the box for HREAP/FlexConnect Local Switching (except for the guest wlan)

You put the AP that are going to that site in FlexConnect or HREAP mode.

once they reboot, map the WLAN to the VLAN local to the site.

HTH,
Steve

------------------------------------------------------------------------------------------------
Please remember to rate useful posts, and mark questions as answered

Okay sorry for the questions

1. On the remote site, i create a new guest network and set the router to be the gateway. Also the dhcp pool is set on the remote router.

2. On the switches at the remote site a new vlan id is configured.

3. At the main site, on the controller a new dynamic interface is created and will be an ip address on the guest network created at the remote site. The gateway of the interface will be that of the remote site router. A WLAN is created and mapped to the interface.

4. My query now is with the vlan id configuration at the main site, will that need to be the same as the one set on the remote site? Will i have to configure the vlan at the head office?

umm, I'm getting lost.

You want the guest access at the remote site to go through the Controller at the Central site correct?

If that is so, then you don't need to do anything for guest.

HTH,
Steve

------------------------------------------------------------------------------------------------
Please remember to rate useful posts, and mark questions as answered

My apologies for getting u lost, i think i am lost too .

My main concern is the routing and switching part of the configuration. Since this is a remote site that is set up as a hub and spoke top with the main site, I wanted to make sure what configurations will be needed. This is for guest wlan access only, using the lobby admin.

So far i know that a guest network needs to configured, so on the remote site, a new gateway will be configured and vlan on the swichtes. On the head office where the controller sits, i will configure the dynamic interface in the same network configured at the remote site and set the same gateway and vlan id. Will i need to configure the vlan id at the main site to?

Hope that was a bit clearer.

A) Do you want the guest at the remote site, to stay local traffic and go out their pipe, and just have the users get the splash page?

Or

B) Do you want the guest traffic to go out the pipe at the hub site?

A) If you want the guest to go out the hub site, you don't need to anything so long as you don't check the locally switched box in teh WLAN.

B) yes you would need to create a new VLAN at the remote site, and map that in the HREAP/FlexConnect settings

HTH,
Steve

------------------------------------------------------------------------------------------------
Please remember to rate useful posts, and mark questions as answered

Hello Steve,

Sorry for the late response but the customer would like all guest traffic to remain local since the remote site has an internet connection.

Given this requirement you said that only a vlan is needed and this needs to be mapped to the HREAP settings?

Now since the guest network is a new network that will be created on the remote site, will the hub site need to know how to route to this network since the WLC lies there? The dhcp server is local at the remote site.

My confusion is role of the dynamic interface in the WLAN deployment.

When a client connects to the guest-wlan, which is configured with central auth (web-auth) and local switching, after the auth is successful, what happens next. Will the WLC need to know the gateway of the guest-wlan gateway?

My query is more on the routing needed from the hub site to spoke site for the guest wlan that is local to the remote site.

Ok, so with FlexConnect/HREAP the WLC doesn't do anything with the traffic, that all is passed directl out the ethernet interface of the AP to the switch. 

With FC/HREAP the WLC does not need to have a dynamic interface configured, as it is not the device that is passing traffic, the AP is. 

So you would need to create the new VLAN for the remote site, and make sure the AP is on a trunk port that passes all the needed VLANs.

HTH,
Steve

------------------------------------------------------------------------------------------------
Please remember to rate useful posts, and mark questions as answered

Sounds good, got you so far.

One more question, how will the clients get the dhcp address for the guest network. I am using a dhcp pool on remote site router.

You would need to ensure you have an ip helper configured on the guest vlan svi interface. 

Thanks,

Scott

Help out other by using the rating system and marking answered questions as "Answered"