Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
Bookmark
|
Subscribe
|
901
Views
0
Helpful
6
Replies

Two Guest Wifi WLANd on a foreign WLC

matthewlmartin323
Level 1
Level 1

‎12-08-2020 12:01 AM - edited ‎07-05-2021 12:52 PM

New to questions here. I have a foreign WLC that has guest wifi with the anchor in the DMZ. If I am trying to add a second guest WLAN, is there something specific I need to do? 

The original guest uses the mgmt interface (not recommended) and I created a new interface for the second. I assigned the same mobility anchor to each WLAN and local for both on the anchor. The mobility groups are UP and a user can connect, but not receive an IP from DHCP. 

The DHCP is from a ASA that is the gateway for both (and many other) WLANs. The VLAN is added for the switches between the Anchor WLC and FW and all configuration in the ASA and switches are identical to all existing guest wireless deployments. All configurations for the WLANs in the foreign WLC are identical to other sites using guest wifi, but this is the first multiple guest scenario. 

On the Anchor WLC, the IP for the second guest interface is .2, Gateway is the FW.1 and DHCP is the FW .1. 

Under the advanced tab is set to use DHCP required check box. 

sorry, new to questions here again. 
let me know if a picture would help or something 

Labels:
0 Helpful
6 Replies 6

Scott Fella
Hall of Fame
Hall of Fame

‎12-08-2020 02:13 AM

What is the use case to have two SSID’s anchored back? Here are some suggestions in regards to anchoring:
mobility group is up which you said it was
each ssid that is anchored must have a duplicate ssid on the anchor
foreign controller ssid is set to anchor to the anchor controller
anchor controller ssid is set to anchor to itself
SSID that is open, device will authenticate on the anchor. SSID that is using WPA2 for example will authenticate to the foreign
The key is that the ssid is a duplicate and the only difference can be the interface that a mapped to.
-Scott
*** Please rate helpful posts ***
0 Helpful

matthewlmartin323
Level 1
Level 1
In response to Scott Fella

‎12-08-2020 09:17 AM

My bad, so they’re two different guests not duplicate. One is visitor one is employee owned devices. They want a separate guest even though they share the same resources anyways. 

both ssid are created on the foreign and anchor wlc 

0 Helpful

Scott Fella
Hall of Fame
Hall of Fame
In response to matthewlmartin323

‎12-08-2020 09:47 AM

Well it should work as long as you have employee guest ssid and guest ssid configured on both the foreign and anchor.

-Scott
*** Please rate helpful posts ***
0 Helpful

matthewlmartin323
Level 1
Level 1
In response to Scott Fella

‎12-08-2020 10:01 AM

Alright, I’ll keep looking. I just wanted to make sure there wasn’t anything on the WLC for multiple guest wlans cause I’m still not super at them yet. 

0 Helpful

Scott Fella
Hall of Fame
Hall of Fame
In response to matthewlmartin323

‎12-08-2020 12:22 PM

There isn't... as long as your have mobility and the ssid's are anchored properly, then you should not have any issues.  You can also tell if your clients are being anchored by looking at the client on the foreign and anchor.  Have you validated that dhcp works in the dmz or are you using the same interface for both?

-Scott
*** Please rate helpful posts ***
0 Helpful

Grendizer
Cisco Employee
Cisco Employee

‎12-09-2020 08:10 AM

That’s a typical scenario when you have mismatch WLAN/SSID settings/config from the foreign and the anchor WLCs.

You need to make sure that all settings/config for the two WLANs/SSIDs in foreign and anchor WLCs are the same.

In general, these are accepted differences between the two WLANs:

WLAN id, interface, PSK, AAA and obviously WLAN Anchor settings.

Other than that, everything need to be the same. When you fix that, the client will get IP addresses.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card
Top