Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
556
Views
0
Helpful
1
Replies

VLAN Assignment of SSID using Cisco AV Pair or Dot1x ?

mikedelafield
Level 1
Level 1

‎09-20-2008 10:19 AM - edited ‎07-03-2021 04:30 PM

Hi.

I am looking to setup wireless access to 2 of my internal VLANs. I am using Cisco 1130AG, PEAP and RADIUS for the authentication as one network is for employees only and one restricted to guests only.

I was wondering which was the most recommended solution.

1. To have 2 SSIDs, with one in each VLAN with the access restricted using the Cisco AV Pair attribute in RADIUS

or

2. Use one SSID and use Dot1x and the Tunnel attribute to assign the VLAN?

This option I feel is more complicated and I am still unsure how this works in reality as the SSID itself can only be part of one VLAN????

Do I have to configure a Dot11Radio and Fastethernet interface for each intended vlan in this case?

Could someone please explain and suggest their preferred option.

Thanks.

Labels:
0 Helpful
1 Reply 1

Scott Fella
Hall of Fame
Hall of Fame

‎09-20-2008 12:33 PM

You should have two ssid's one for your internal and one for guest. You should use 802.1x for your internal and your guest should be open with a Login page of some sort. You can still use dynamic vlan assignments so that your internal users who try to access the guest page will be put on the internal vlan. Of course the guest will always be placed on the guest vlan. If you have a WLC, the login page and setup is easier, because in autonomous you will have to use something like ZoneCD for guest if you want a HotSpot type wifi.

-Scott
*** Please rate helpful posts ***
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card