Trusted and Untrusted VLANs in WLAN

paneer.r · ‎09-12-2004

Can anyone help me to find out how to configure guest mode VLAN & one secure VLAN. I want guest mode VLAN to be configured without any authentication and trusted VLAN association only with MAC & LEAP authentication.

Regards,

Report Inappropriate Content · ‎09-16-2004

I don't think the concept of guest VLAN is there in WLAN.

jafrazie · ‎09-16-2004

True, but a WLAN Guest Access Network can be a WLAN VLAN configuration, so you have alternatives for WLAN Guest access:

*Create a Guest WLAN VLAN with no encryption, open authentication, and a broadcast SSID (or tell Guests what it is).

*Same as above with Authentication Options (like BBSM/IOS-Authentication-Proxy and/or specialized clients like 802.1x.

*Add application filters, time of day controls, and/or IDS schemes as needed/required.

Hope this helps.

smmccco · ‎09-21-2004

I have a trusted and untrusted VLAN in my WLAN. Just setup the VLANs and create LEAP accounts on the ACS server for both VLANs

ex. VLAN 100 Trusted

VLAN 101 Untrusted

Setup username VLAN100

password xxxxxxx

Do you have your devices in ACS setup in groups?

paneer.r · ‎09-21-2004

Hi ,

I could resolve the issue by doing the following.

1) I have created 2 SSID and assigned different VLANs to the same. Guest SSID configured with open/shared access and Secure SSID configured with EAP/MAC Authentication. VLAN restriction configured in the MSFC.I could find if we are selecting shared access , clients are able to join AP even without SSID. So it resolved my problem.

Thanks for all your responses.

Regards,

Shibu