06-04-2013 01:40 PM - edited 07-04-2021 12:10 AM
Dear All,
Consider I have one WLC and few AP's to be installed on my premises. My requirement is to create two SSID's as Secure & Guest. I want to restrict guest vlan to only access internet while Secure vlan able to access whole corp. resources. How do i achieve that...?
Please provide your suggestions.
Thanks in advance...
KVS
Solved! Go to Solution.
06-05-2013 12:39 AM
KVS:
You can use ACLs on the neighbor switch to restrict the traffic of the guest VLAN.
If you have a firewall you can use policies on the firewall as well.
Regards,
Amjad
useful replies is more useful than saying "Thank you"
06-05-2013 12:46 AM
Your Guest VLAN's default gateway is your internet default gateway. You create an ACL on the router saying that the Guest subnet can talk to the same subnet and "deny ip any any" is explicit.
06-05-2013 12:39 AM
KVS:
You can use ACLs on the neighbor switch to restrict the traffic of the guest VLAN.
If you have a firewall you can use policies on the firewall as well.
Regards,
Amjad
useful replies is more useful than saying "Thank you"
06-05-2013 12:46 AM
Your Guest VLAN's default gateway is your internet default gateway. You create an ACL on the router saying that the Guest subnet can talk to the same subnet and "deny ip any any" is explicit.
06-05-2013 06:22 PM
Hello Prasan,
As per your query i can suggest you the following solution-
Yes you can use ACLs on the neighbor switch and it will restrict traffic on the gueat VLAN.And you can easily create two SSID's as Secure and Guest.
Hope this will help you.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide