06-12-2013 03:06 PM - edited 07-04-2021 12:13 AM
Hello guys, thanks for everyone I have another questions I'm going to deploy a new guest WLAN I'm working with the addressing and one questions come to me.. I have this central site and I have some remote offices this new WLAN will be available in different sites so... what is the best option... have just one segment for this WLAN or have different addressing for site? and the most important part... is this posible? I mean one WLAN can has differente Addressing between sites?
Solved! Go to Solution.
06-12-2013 03:58 PM
Here is a doc that can help you understand FlexConnect.
https://supportforums.cisco.com/docs/DOC-24082
Sent from Cisco Technical Support iPhone App
06-12-2013 03:57 PM
The main thing to ask first is if you want all the guest traffic to come back to the WLC at HQ. If you are okay and have the bandwidth for this, then you just centrally switch the guest SSID from the remote locations and all guest will be placed in whatever interface you create for guest at HQ. so you have options, you can locally switch traffic at the remote site, but then you need to ACL the guest subnet so they can't access your internal, except for maybe dhcp or DNS.
The AP's at HQ will be in local mode and the remote site should be in FlexConnect mode.
Sent from Cisco Technical Support iPhone App
06-12-2013 04:17 PM
Sorry Scott.
Whay means HQ ? if I don't have enought bandwith I need to create a ACL? I really need it?
06-12-2013 04:23 PM
HQ meaning heawd quarters:) What is your link between sites?
Thanks,
Scott
Help out other by using the rating system and marking answered questions as "Answered"
06-12-2013 04:27 PM
Well I have different links
one for 6MB, 4MB, 512K and 256 K
06-12-2013 04:28 PM
Do you have internet at each location or does everything come back?
Thanks,
Scott
Help out other by using the rating system and marking answered questions as "Answered"
06-12-2013 04:35 PM
some sites have their own internet and some of them comeback
06-12-2013 04:39 PM
SO you have to decide if the guest traffic will tunnel back to the WLC or not. The sites that have their own Internet, you would have to create a new subnet/vlan and create an ACL to block the guest user from accessing your internal network. Even if you have the guest tunnel back to the WLC, you need to have an ACL block guest traffic to your internal.
Thanks,
Scott
Help out other by using the rating system and marking answered questions as "Answered"
06-12-2013 08:52 PM
ACL? I never used before
It's mandatory? or it's Diffcitult to configure aCL?
06-12-2013 08:54 PM
ACLs on a WLC are "different" ...
Check this link
http://www.cisco.com/en/US/tech/tk722/tk809/technologies_tech_note09186a00807ce372.shtml
__________________________________________________________________________________________
"Satisfaction does not come from knowing the solution, it comes from knowing why." - Rosalind Franklin
__________________________________________________________________________________________
"I'm in a serious relationship with my Wi-Fi. You could say we have a connection."
06-12-2013 03:58 PM
Here is a doc that can help you understand FlexConnect.
https://supportforums.cisco.com/docs/DOC-24082
Sent from Cisco Technical Support iPhone App
06-12-2013 04:20 PM
So it's posible that one SSID have different adressing? I mean one for my central site, one for my remote site, one for my remote site B etc?
06-12-2013 04:25 PM
So the thing is, will you be tunneling the traffic for the guest? If so, then you will only have one subnet you can put all the guest users if you have one SSID.
Thanks,
Scott
Help out other by using the rating system and marking answered questions as "Answered"
06-13-2013 10:20 AM
Ok. One question I'm testing this in a lab, right now I'm simulated be on my remote site and I conneted to my SSID FERROMEX, this SSID is centrall switched I have one interface in my WLC on my Central site, the vlan is on my cental site too, and I'm working just fine. I don't have anny ACL's I really need this ACL?
Sorry if my queston is so abviuos, but the is new for me
06-13-2013 10:27 AM
What do you mean by this
I have one interface in my WLC on my Central site, the vlan is on my cental site too
The SSID is centrally switched so the only interface that is required is on the WLC. That vlan has to reside in the central site and not needed in the remote site. If your placing internal users and guest users in the same subnet, then you can't use ACL's as the guest will be able to access your internal network also.
Sent from Cisco Technical Support iPhone App
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide