Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
672
Views
0
Helpful
3
Replies

Guest Tunneling with Mulitple interfaces

sreejith_r
Level 1
Level 1

‎01-19-2011 12:22 AM - edited ‎07-03-2021 07:41 PM

Hi;

               Is it possible to create multiple interfaces in the guest controller and mapping to a single SSID. I know that in the normal scenario we can create different interfaces for floor wise and assign it to a single SSID with ap grouping.

But in the guest controller scenario we dont have any inetrfaces in the local controller where the Ap's are associated. Is there any alternative way to achieve this in the guest controller

Labels:
0 Helpful
3 Replies 3

Nicolas Darchis
Cisco Employee
Cisco Employee

‎01-19-2011 02:28 AM

The only way is to create different SSIDs and assign them to different AP groups.

SSID guest1 will be assigned to floor1 APs, etc ...

This allows you to have several interfaces on anchor since you have several SSIDs.

I'm not seeing any other way of achieving it

Nicolas

0 Helpful

tfraij
Cisco Employee
Cisco Employee

‎01-19-2011 03:03 AM

Hello,

can you please clarify what you mean by guest tunneling?

do you mean web-authentication ssid? or just that you have an SSID that is tunneled to anchor inside DMZ ( not web-auth)?

if you are using web-authentication , then i don't see other way apart from what nicolas mentioned in previous post.

if you are using WLAN without web-authentication (NO L3 security) , you might conside the following solution:

1) foriegn WLC will manage all L2 authentication including .1x

2) and the anchor is doing l3 stuff.

3) you can configure one SSID and enable on it AAA override. and on the AAA server which is doing .1x you can configure dynamic VLAN assignement and interface settings to be returned after successful authentication.

so once the foriegn complete L2 (.1x) authentication it will be placed into correct VLAN by radius server ...

Hope this help.

Kind regards

Talal

==========

please rate answers that you find useful.

0 Helpful

Vinay Sharma
Level 7
Level 7

‎09-03-2011 06:07 AM

Hello Sreejith,

Please mark the Question as Answered, if the provided information by Nicolas or Talal is correct and it helped. By doing that others can take benefit as well.

Thanks,

Vinay Sharma

Community Manager – Wireless

Thanks & Regards
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card