- A virtual community of network engineers
 Home  BookStore  StudyNotes  Links  Archives  StudyRooms  HelpWanted  Discounts  Login
RE: wireless guest vlan [7:131455] posted 06/25/2008
[Chronological Index] [Thread Index] [Top] [Date Prev][Date Next] [Thread Prev][Thread Next]

That is good to know.  Thank you very much.  I will check that out.

>>> "Nitin Jain"  6/17/2008 8:04 PM >>>
HI Ken,

I have done this setup & its working fine on my customer place but
of ASA we used Netscreen firewall...which I think doesn*t
matter...just you
have to make sure that WLC can reach to ISP DNS nothing else...If
can not reach to ISP DNS & unable to make DNS query then WLC will not
through WEB-AUTH page to users..


"Every Impossible says - I M Possible."

-----Original Message-----
From: nobody@xxxxxxxxxxxxxx [mailto:nobody@xxxxxxxxxxxxxx] On Behalf Of
Sent: Wednesday, June 18, 2008 1:23 AM
To: cisco@xxxxxxxxxxxxxx 
Subject: Re: wireless guest vlan [7:131455]

Actually we do not use the wlc webauth. We use a little firewall
soekris that provides a portal. It uses free-bsd code and provides the
portal and acceptance banner. It is very inexpensive. I did have the
webauth working at one time but it was not consiatent so we went to
other solution for now and I am taking a spare controller into the lab
figure it out. Sorry I wasn't much help on that but will let you know
if I
get it working.
-----Original Message-----
From: "Paul Yeo" 
To: Ken Hagen 

Sent: 6/11/2008 1:02:38 AM
Subject: RE: wireless guest vlan [7:131455]

Hi all, 

Thanks for the reply. 

This thing works partially now, but I cant get the web-authentication
work. The guest will go direct to the internet. 

I use to try using my internal switches and internal DNS servers, it
prompted for the local net users' access before allowing accessing the

I am using WLC4402 version 

Hi Ken, how you get the web-auth portion to work?

Thanks much,

-----Original Message-----
From: Ken Hagen [mailto:Ken.Hagen@xxxxxxxxxxx] 
Sent: Tuesday, June 10, 2008 9:43 PM
To: cisco@xxxxxxxxxxxxxx; Paul Yeo
Subject: Re: wireless guest vlan [7:131455]

This is the exact setup that we use for guest. We are using our isp's
(although I'm not sure if it's kosher or not), but it works.  One bad
is, they can change their dns ip address whenever they want to,
telling you.  Good luck.


>>> "Paul Yeo"  6/9/2008 12:46 AM >>>

I am trying to setup my guest vlan to use the ASA firewall as the next
gateway to go to the internet..

I am using a WLC4400, 1240 series AP.

I setup a DHCP server on the WLC, and the clients can grab the IP and
to the ASA firewall interface of the same subnet.

I am thinking of using my ISP's DNS servers to serve this group of
users, is that possible? Or must I setup another DNS server internally
serve this group of users?

the guest VLAN is not routable, I only create some vlan interface to
the ASA firewall to the WLC 4400. 

Any pointers are much appreciated. Thanks much!

Message Posted at:
FAQ, list archives, and subscription info: