Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
5014
Views
13
Helpful
8
Replies

How to hide internal network in WLC

shazeb051
Level 1
Level 1

‎03-06-2016 03:23 AM - edited ‎07-05-2021 04:43 AM

Dear all  i have cisco Wlc in that i create 3 sis id.

i i want to give only internet access to one SSID which Can not access internal service. can any one please tell how to do block and next is to hidden SSID with protection.

regards.

Labels:
0 Helpful
8 Replies 8

Sandeep Choudhary
VIP Alumni
VIP Alumni

‎03-06-2016 09:21 AM

Hi,

Check this doc to implement Guest and Internal WLAN:

http://www.cisco.com/c/en/us/support/docs/wireless-mobility/wireless-vlan/70937-guest-internal-wlan.html

to Hide SSID  or disable broadcasting:

you can Hide it under WLANs > click WLAN ID > General > uncheck "Broadcast SSID"

Regards

Dont forget to rate helpful posts

shazeb051
Level 1
Level 1
In response to Sandeep Choudhary

‎03-06-2016 10:22 PM

Dear Sandeep,

I tried the above link.. but when i disable broadcast i am not able to add it mannually, and i want to hide my internal services and give only internet access how can i do that??

0 Helpful

Sandeep Choudhary
VIP Alumni
VIP Alumni
In response to shazeb051

‎03-06-2016 10:59 PM

first: you need to create two SSID , one for guest and and one for corporate access.

you can use the link which i sent in my last post.

http://www.cisco.com/c/en/us/support/docs/wireless-mobility/wireless-vlan/70937-guest-internal-wlan.html

Which type of devices you are using to implement Guest and Corporate access ?

Are you using RADIUS server ?

***Hide SSID means, just you can not see it. it is nothing to do with internal services or just internet.

Regards

Don't forget to rate helpful posts

shazeb051
Level 1
Level 1
In response to Sandeep Choudhary

‎03-06-2016 11:26 PM

yes i am using cisco wireless controller and cisco aironet 2602 caps.

i created 3 SSID all three  are now working my question is i want to block tha guest users not to access lan thy only access internet (Wan).

Regards,

0 Helpful

Sandeep Choudhary
VIP Alumni
VIP Alumni
In response to shazeb051

‎03-06-2016 11:45 PM

Take a totally diff subnet(Diff from LAN) for Guest and then route this IP subnet to directly to internet on router or on firewall.

More info: http://superuser.com/questions/569710/how-to-create-a-separate-subnet-for-wireless-access

Regards

Don't forget to rate helpful posts

shazeb051
Level 1
Level 1
In response to Sandeep Choudhary

‎03-09-2016 10:55 PM

Dear sandeep when i disabble ssid broadcasting then i can not find it mannually and one more question is i is that any other way to block guest to access lan they should access only wan because i cant change the subnet of guest ..

regards,

0 Helpful

aysar3000
Level 1
Level 1

‎09-19-2019 01:00 AM

Dear
COnfigure your subnet gateway for the SSID to be on router or on firewall.
and route this IP subnet to directly to internet

Please rate if helpfull
0 Helpful

David Ritter
Level 4
Level 4

‎09-20-2019 01:01 PM

you have to create an ACL and apply it to the guest SSID on the advanced tab.  It can still share the interface for the normal SSID.

All of 13 lines..

 

You need to permit DNS access

deny inhouse targets

permit local segment to 0.0.0.0

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card