cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
641
Views
10
Helpful
3
Replies

Cisco WLC Questions

zacksynder85
Level 1
Level 1

Hi Guys,

My company is looking at installing the Cisco Wireless LAN Controller software for managing our Access Points and promoting BYOD (Bring your own device).

We currently operate 6 sites throughout the country all connected by WAN. We currently have Cisco AP's fed off site-based ADSL connections, and they are in standalone mode.

I want to upgrade each internet connection to fibre feeding the AP, and have a WLC for management based at head-office. However here's where it gets complicated. I want to have one SSID that supplies both Internet AND corporate data. I am thinking of using VPN clients on BYODs and port-mapping IPsec traffic into corporate where the VPN is acknowledged and checked by Checkpoint Firewall, authenticated through TACACS (inheriting through AD)

What are your thoughts / alternative solutions? Have any of you implemented anything similar?

Thanks in advanced

3 Replies 3

Leo Laohoo
Hall of Fame
Hall of Fame

@zacksynder85 wrote:

I want to have one SSID that supplies both Internet AND corporate data. I am thinking of using VPN clients on BYODs 


Regardless of the size of the network, it is recommended that Corporate and Guest to have their own separate SSID.

True, troubleshooting also becomes easier when segregated. 

Grendizer
Cisco Employee
Cisco Employee

Leo and Joyaljp are correct but since you were looking for alternative solutions here is one: by using ISE and TrustSec you can use only one SSID for both Guest and corp, for more info check the TrustSec Design Guides here https://www.cisco.com/c/en/us/solutions/enterprise-networks/trustsec/design-guide-listing.html

Review Cisco Networking for a $25 gift card