cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
372
Views
10
Helpful
5
Replies
Highlighted
Beginner

Different VLANs for Wireless users

Hello everyone,

Currently I am using CIsco 3k switches and Cisco Meraki APs in my environment. We have few printers too.

We have 4 departments in our office and about 50 users.

I wanted to make 4 Vlans for each department and assign 1 printer to each department, currently I don't have an AD(but I am planning to get one soon).

I need suggestions how do I implement this.

 

5 REPLIES 5
Highlighted
VIP Expert

Are you looking for all the users to connect Wireless and print?  how many SSID you have?

 



BB


*** Rate All Helpful Responses ***

Highlighted

Right now all users are on wireless in single vlan and they can use any printer.

I want to separate users and printers department wise.

For eg: users of vlan 10 can use only Printer A, and users of vlan 20 can use Printer B.

 

I have 4 SSIDs right now I can add more to if needed.

Highlighted

The much better solution would be to use a radius server and then push the VLAN to the WLC when the user authenticates (with username+password). Here an example with a free Linux based radius server:

https://www.cisco.com/c/en/us/support/docs/wireless-mobility/wireless-lan-wlan/211263-Configure-802-1x-PEAP-with-FreeRadius.html

Or Windows NPS: 

https://www.cisco.com/c/en/us/support/docs/wireless/5500-series-wireless-controllers/115988-nps-wlc-config-000.html

Highlighted
VIP Expert

If they are 4 SSID, and you can create 4 VLAN so printer stay respecteer VLAN, but any user can reach any IP address in the LAN.

Other option if you have different SSID with different IP address spool. ACL is best option to block other IP block to contact non authorise printing services.

 

take example

 

create an ACL printer 1  - only x.x.x.x /24 can acces x.x.x.10 (printer IP) rest deny so on

 

is this make sense ?

since you do not have any print server in place or AD based available now.



BB


*** Rate All Helpful Responses ***

Highlighted
Beginner

A VLAN is a group of devices on one or more LANs that are configured to communicate as if they were attached to the same wire, when in fact they are located on a number of different LAN segments. Because VLANs are based on logical instead of physical connections, they are extremely flexible.

Cisco wireless networking combines the mobility of wireless with the performance of wired networks, offering a dramatic performance increase compared to legacy 802.11a/g networks. Cisco delivers 802.11n and 802.11ac excellence designed to effectively support a vast range of business-focused wireless networks.

Content for Community-Ad