Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
446
Views
0
Helpful
2
Replies

Wireless vlan security help

johnvojtech
Level 1
Level 1

‎07-25-2006 12:02 PM - edited ‎07-04-2021 12:44 PM

I set up a second ssid and vlan for guests. The native and original vlan is in place and requires WEP. I set the second vlan to broadcast the SSID and have no encryption. I have clients connect, and almost have everything done. The only thing I cant figure out is how to isolate the traffic from the second vlan to the first. I have the second vlan set up so that the users cannot see anything on the native vlan, but I can ping the servers by IP address and if I try to connect from the second vlan to the first, it lets me with a valid username and password. This tells me that if a guest comes in, and has a virus, that computer can maybe infect computers on the native vlan. How can i truly isolate the traffic from one vlan and have it access only the default gateway?

Labels:
0 Helpful
2 Replies 2

Scott Fella
Hall of Fame
Hall of Fame

‎07-25-2006 03:04 PM

Don't route the guest vlan and or place acl on the l3 to deny traffic from the guest subnet..

-Scott
*** Please rate helpful posts ***
0 Helpful

johnvojtech
Level 1
Level 1
In response to Scott Fella

‎07-26-2006 09:44 AM

I need to route the guest vlan to the default gateway. I have multiple access points, so i need to route the guest vlan on the L3 interfaces. I have the route statement added for the guest vlan network addresses pointing to the default gateway, but if i try to connect using the native vlan IP address, i can get to stuff.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card