10-03-2013 10:45 AM - edited 07-04-2021 01:00 AM
I have a central WLC 2504 controller that is being used for remote site FlexConnect 1141 APs. They all advertise three different SSIDs. One SSID is a global SSID that is the same at every office. One is a hidden SSID using 802.1x machine auth.
The one I am trying to get working is the local office guest network. These SSIDs are all the same at each office but should have different PSKs. They are local to the office, therefore would only ever be applied to a specific FlexConnect group.
I understand why in theory this is generally not a good idea but given these are for remote sites I'd like it to be possible. I always get this message though:
"WLAN with duplicate SSID and L2 security policy found"
Is there a way around this? New WLC code that allows it maybe?
10-04-2013 01:06 AM
Hi Graham,
Hope these Links helps.
https://supportforums.cisco.com/thread/334906
https://supportforums.cisco.com/thread/2082314
Regards
10-04-2013 09:15 AM
Thanks I came across those discussions before. The first one seems to imply that I would need to create a new, unique VLAN for every remote site guest network. We already have the guest networks in place on the same VLAN. Is this the only way, then? Renumber all of our VLANs to create unique numbers at each site?
10-05-2013 10:56 AM
It's not designed to support what you want to do. If I recall, you can have the same SSID and same encryption, but your limited to only two. Your first ssid needs to have a WLAN ID of 1-16 and the other identical ssid needs to have a WLAN ID of 17 or higher. You will not have the ability to do more than two and this will most likely never be supported in the future.
Sent from Cisco Technical Support iPhone App
10-07-2013 02:40 AM
I was able to configure three (more I think possible) WLANs with same SSID name and all are WPA2-AES-PSK on the same WLC and all are enabled at hte same time.
Note that you can not have any of those broadcasting on same AP group. Each WLAN can be only broadcasted on a separate AP group. For your sites, It will probably need you to define an AP group for each site to broadcast different WLANs on different sites.
You can do that if all your WLANs have an ID of 17 or higher. (the reason is, WLANs of 1-16 are by default broadcasted on the default AP group. and because those can not be on the same AP group - including the default one - then you can't have them with WLAN IDs 1-16. i.e on same - default - AP group)
HTH
Amjad
rating useful replies is more useful than saying "Thank you"
10-07-2013 07:58 PM
If you're going through the trouble of psk for guest .. Might as well do a guest account web portal ..
Sent from Cisco Technical Support iPad App
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide