Solved: Wireless implementation Query

Prasan Venky · ‎06-04-2013

Dear All,

Consider I have one WLC and few AP's to be installed on my premises. My requirement is to create two SSID's as Secure & Guest. I want to restrict guest vlan to only access internet while Secure vlan able to access whole corp. resources. How do i achieve that...?

Please provide your suggestions.

Thanks in advance...

KVS

Amjad Abdullah · ‎06-05-2013

KVS:

You can use ACLs on the neighbor switch to restrict the traffic of the guest VLAN.

If you have a firewall you can use policies on the firewall as well.

Regards,

Amjad

useful replies is more useful than saying "Thank you"

Rating useful replies is more useful than saying "Thank you"

View solution in original post

Leo Laohoo · ‎06-05-2013

Your Guest VLAN's default gateway is your internet default gateway. You create an ACL on the router saying that the Guest subnet can talk to the same subnet and "deny ip any any" is explicit.

View solution in original post

Amjad Abdullah · ‎06-05-2013

KVS:

You can use ACLs on the neighbor switch to restrict the traffic of the guest VLAN.

If you have a firewall you can use policies on the firewall as well.

Regards,

Amjad

useful replies is more useful than saying "Thank you"

Rating useful replies is more useful than saying "Thank you"

Leo Laohoo · ‎06-05-2013

Your Guest VLAN's default gateway is your internet default gateway. You create an ACL on the router saying that the Guest subnet can talk to the same subnet and "deny ip any any" is explicit.

Abhishek Abhishek · ‎06-05-2013

Hello Prasan,

As per your query i can suggest you the following solution-

Yes you can use ACLs on the neighbor switch and it will restrict traffic on the gueat VLAN.And you can easily create two SSID's as Secure and Guest.

Hope this will help you.