Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
Bookmark
|
Subscribe
|
865
Views
5
Helpful
5
Replies

Wireless Controller 2504

majed.balsharaf
Level 1
Level 1

‎02-24-2013 10:19 PM - edited ‎07-03-2021 11:36 PM

Hi

I am having wireless (2504)  controller with 10(AIR-AP114) AP connected to it. And they are connected in my  network to internet.

I want to give different SSID with different level of security.

Example:

SSID 1 : Guest  (access level limited)

SSID 2 : Employees (full access)

Please suggest me as I am not having much knowledge about Wireless

Labels:
0 Helpful
5 Replies 5

Scott Fella
Hall of Fame
Hall of Fame

‎02-25-2013 04:31 AM

Well what exactly is limited access? If its just Internet only you can do this many ways. First you can use ACLs on the WLC to block traffic to your local network and just allow Internet, dhcp and dns. Or you can do this on the layer 3 interface which I prefer. The other way is to just use one port for your internal traffic and another port connected to your dmz.

So there are many ways, but most if them doesn't involve doin anything on the WLC unless you use ACLs on the WLC.

Sent from Cisco Technical Support iPhone App

-Scott
*** Please rate helpful posts ***
0 Helpful

maldehne
Cisco Employee
Cisco Employee

‎02-26-2013 04:53 AM

Yeah I go with Scott , what kind of restriction do you want to acheive??

0 Helpful

majed.balsharaf
Level 1
Level 1

‎03-12-2013 02:13 AM

Thanks alot for the reply.

   I am creating two SSID 

1.Employees

2. Guest

In Employees I want full access of internet, in Guest they can only access EMAILs.

I am using CLI to configure this. But I cannot create ACL via CLI.  I am using this :

(Cisco Controller) >config acl rule ?

action         Configure a rule's action.

add            Add a new rule.

change         Change a rule's index.

delete         Delete a rule.

destination    Configure a rule's destination IP address, netmask and port range.

direction      Configure a rule's direction.

dscp           Configure a rule's DSCP.

protocol       Configure a rule's IP Protocol.

source         Configure a rule's source IP address, netmask and port range.

swap           Swap two rules' indices.

What should I use to configure ACL rule for Guest.

0 Helpful

maldehne
Cisco Employee
Cisco Employee
In response to majed.balsharaf

‎03-12-2013 03:16 AM

If you want to configure ACLs you can use the GUI of the controller

security --> Access control lists --> Access control lists

there you go

then you can apply either per interface or

in WLAN advanced config you can override the interface configured ACL

with another defined ACL.

------------------------------------------------------------------------------------------

please make sure to rate correct answers

Saravanan Lakshmanan
Cisco Employee
Cisco Employee

‎03-13-2013 11:14 PM

Here is an example:

https://supportforums.cisco.com/docs/DOC-30315

Once the ACL is created apply to the guest vlan interface on wlc.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card
Top