Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
252
Views
3
Helpful
4
Replies

Enterprise and Guest SSID on Foreign WLC

Go to solution
ANKUSH_SINGLA
Level 1
Level 1

‎01-24-2025 01:22 PM

Hi All,

Currently we are using 9800 as Foreign WLC for enterprise network and Anchor WLC (Guest WiFi) in DMZ behind Meraki firewall

we are trying to eliminate Anchor WLC and move all functionality to Foreign WLC with DHCP scope on Meraki firewall.

pls help to share any doc for references.

Regards

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Scott Fella
Hall of Fame
Hall of Fame

‎01-24-2025 02:20 PM

Just to add, where is your DMZ and how are you going to get traffic from the controller to that subnet where the Meraki MX is configured for DHCP?  If everything is local to a site, that seems like it would be easy, but if your DMZ is at another location, its not like you want to span that network where the foreign controller is.  If you are in the later position, you might need to build a GRE tunnel to push traffic to the DMZ so you can utilize that subnet.

-Scott
*** Please rate helpful posts ***

View solution in original post

4 Replies 4

Go to solution
Flavio Miranda
VIP
VIP

‎01-24-2025 02:03 PM

@ANKUSH_SINGLA 

 I dont believe there will be a doc with step by step. Not even close.

 What I would do, however, is create a brand new SSID for Guest on the foreign WLC and leave the Anchor untouch until you can get the new Guest SSID working. 

  You need to consider, besides the DHCP server, the authentication. If the WLC use external web portal, you need to replicate this to the foreign WLC which means connectivity, perhaps firewall rules, routing, etc.

  When you get everything ready, you can schedule a MW and disconnect the Anchor, which is a pretty simple step, by the way. 

Go to solution
Scott Fella
Hall of Fame
Hall of Fame

‎01-24-2025 02:20 PM

Just to add, where is your DMZ and how are you going to get traffic from the controller to that subnet where the Meraki MX is configured for DHCP?  If everything is local to a site, that seems like it would be easy, but if your DMZ is at another location, its not like you want to span that network where the foreign controller is.  If you are in the later position, you might need to build a GRE tunnel to push traffic to the DMZ so you can utilize that subnet.

-Scott
*** Please rate helpful posts ***

Go to solution
ANKUSH_SINGLA
Level 1
Level 1
In response to Scott Fella

‎01-27-2025 05:32 AM

Hello , DMZ in local only and its Central switching setup solution. 

0 Helpful

Go to solution
Scott Fella
Hall of Fame
Hall of Fame
In response to ANKUSH_SINGLA

‎01-27-2025 08:33 AM

If everything is local to a site, you can maybe just patch the DMZ vlan to the core switch.  By this, I mean you might have a DMZ vlan of 999 but that is not in any other switches, you can just setup a port with vlan 999 on a switch and just patch that over to the DMZ switch.  I have seen customer do that to get things done quick without having to do much work.  You would just need to ensure all your settings in the anchor controller is moved over to the foreign controller.  You can always do testing with a test guest SSID and just make sure things are working as expected so that you know what you need to change on the guest SSID to move that into production after the change.  

-Scott
*** Please rate helpful posts ***
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card