Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1339
Views
0
Helpful
5
Replies

Guest WIFI and Achore controller

Go to solution
rafiqmo_@hotmail.com
Level 1
Level 1

‎11-09-2017 04:23 AM - edited ‎07-05-2021 07:50 AM

Hi,

We are planning guest only WIFI in our LAN campus with Achor controller. I need some clarification.

 

1- IF we install Cisco APs in LAN  and Anchor controller in DMZ  only. Is the tunnel between Guest SSID and Anchor controller?

 

2-  do we need corporate controller in WLC in LAN ?

 

 

We will install corporate wifi in future but no plan yet. Therefore only need to purchase anchor controller for guest wifi.

 

Regards.

 

Regards,

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Sandeep Choudhary
VIP Alumni
VIP Alumni
In response to rafiqmo_@hotmail.com

‎11-09-2017 05:29 AM

Correct!

 

Internal WLC will handle the corp ssid traffic and for guest ssid, it will create a EOIP tunnel with anchor WLC and terminate all guest traffic there .

 

 

Regards

Dont forget to rate helpful posts

View solution in original post

0 Helpful
5 Replies 5

Go to solution
Sandeep Choudhary
VIP Alumni
VIP Alumni

‎11-09-2017 04:30 AM - edited ‎11-09-2017 04:33 AM

You should have:

1. A internal WLC(Foreign) and a DMZ WLC (Anchor)

2. configure Mobility between both conftrollers

3. Use a Radius server (Cisco ISE) to create guest users and to push the webauth page to guests.

 

check here: https://www.cisco.com/c/en/us/td/docs/wireless/controller/8-1/Enterprise-Mobility-8-1-Design-Guide/Enterprise_Mobility_8-1_Deployment_Guide/WirelessNetwork_GuestAccessService.html

 

 here is the answers of your questions:

 

1- IF we install Cisco APs in LAN  and Anchor controller in DMZ  only. Is the tunnel between Guest SSID and Anchor controller?

 Mobility tunnel will be between foreign (Internal)WLC and anchor WLC

2-  do we need corporate controller in WLC in LAN ?

I think you are talking about internal wlc..then yes.

Regards

Dont forget to rate helpful posts

0 Helpful

Go to solution
rafiqmo_@hotmail.com
Level 1
Level 1
In response to Sandeep Choudhary

‎11-09-2017 04:53 AM

Thanks Sandeep,

 

 

My understanding is internal WLC is for corporate WIFI and we only need guest WIFI. Is there any otherway that AP can do directley tunnel between SSID in AP and anchor controller like Meraki does between AP and Concentrator MX firewall.

 

Regards.

0 Helpful

Go to solution
Sandeep Choudhary
VIP Alumni
VIP Alumni
In response to rafiqmo_@hotmail.com

‎11-09-2017 05:04 AM

It will not work.

 

If your AP is in LAN ...where you will join these AP? ...(You will need a Internal controller in LAN so thats these AP can join to it)

 

 

Regards

Dont forget to rate helpful posts

 

0 Helpful

Go to solution
rafiqmo_@hotmail.com
Level 1
Level 1
In response to Sandeep Choudhary

‎11-09-2017 05:21 AM

Thanks Sandeep,

Apology for not understanding the concept. If I understand correctly we can not register APs directly to anchor controller ( which is just like a concentrator to terminate the tunnel) and all the AP registration and SSID configuration ( guest and corp) happen on internal WLC? and we have to buy it and can later configure corporate WIFI  on internal WLC later?

 

Regards.

0 Helpful

Go to solution
Sandeep Choudhary
VIP Alumni
VIP Alumni
In response to rafiqmo_@hotmail.com

‎11-09-2017 05:29 AM

Correct!

 

Internal WLC will handle the corp ssid traffic and for guest ssid, it will create a EOIP tunnel with anchor WLC and terminate all guest traffic there .

 

 

Regards

Dont forget to rate helpful posts

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card