Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
618
Views
0
Helpful
3
Replies

Guest access

wynneit
Level 1
Level 1

‎01-20-2009 02:02 PM - edited ‎07-03-2021 05:01 PM

Hi guys I have a few simple questions regarding guest access

Firstly do I really need to use a seperate anchor controller can I not simply route the guest vlan to a dsl connection? I have used this before but need a bit of clarity as the guest anchor is costly and I need to justify this to the client.

If I have 10 branch office using HREAP I propose to use 2 2112 controllers as I can only use the first 8 SSIDs if I have seperate WLANS at each branch.

If I have a 2 2112s and dont use an anchor controller I propose to centrally manage the guest access from a WCS.

Im planning on using authentication lovcal switch local for the HREAP with guest access tunnelled back. Just getting a little complex and looking at cost justification.

Labels:
0 Helpful
3 Replies 3

wesleyterry
Level 3
Level 3

‎01-20-2009 05:33 PM

So ideally, the anchor controller is used to ease the security. If you anchor all of your guests into a DMZ, then theoretically they are not "in" your network.

If you chose to not use an anchor controller, you could always dump that traffic into a "guest" vlan. As long as you have security in place to keep that guest vlan from touching your network devices, then I suppose that would be acceptable.

Again, the anchor controller would allow you to easily and securely dump your clients into a DMZ effectively preventing them from accessing your network. But this also assumes you have a DMZ properly secured....

I think it just depends on what level of security you're looking for. If you know you can secure a vlan within the network, then I personally don't see a problem with it. But I'm not a security person....

0 Helpful

Scott Fella
Hall of Fame
Hall of Fame

‎01-20-2009 08:40 PM

Wesley is corret, you don't need a guest anchor, but is does simplifies things. Also Why would you use seperate ssid's for each branch office? Having the same ssid for internal users, guest users, etc keeps things simple. Plus users can go to another facility and don't have to chage his or her profile.

-Scott
*** Please rate helpful posts ***
0 Helpful

wynneit
Level 1
Level 1
In response to Scott Fella

‎01-21-2009 11:33 AM

Thanks for the replies as usual great and sensible. I am pre-emting the customer requirements. I am going to suggest 2 SSID corporate and guest but you never know, plus it will almost certainly come down to cost as the client looks like they do things on a shoestring.

Many thanks

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card