GroupStudy.com GroupStudy.com - A virtual community of network engineers
 Home  BookStore  StudyNotes  Links  Archives  StudyRooms  HelpWanted  Discounts  Login
RE: wireless guest vlan [7:131455] posted 06/25/2008
[Chronological Index] [Thread Index] [Top] [Date Prev][Date Next] [Thread Prev][Thread Next]


Nitin,
That is good to know.  Thank you very much.  I will check that out.
Ken

>>> "Nitin Jain"  6/17/2008 8:04 PM >>>
HI Ken,

I have done this setup & its working fine on my customer place but
instead
of ASA we used Netscreen firewall...which I think doesn*t
matter...just you
have to make sure that WLC can reach to ISP DNS nothing else...If
controller
can not reach to ISP DNS & unable to make DNS query then WLC will not
through WEB-AUTH page to users..

HTH

"Every Impossible says - I M Possible."
 
----Nitin

-----Original Message-----
From: nobody@xxxxxxxxxxxxxx [mailto:nobody@xxxxxxxxxxxxxx] On Behalf Of
Ken
Hagen
Sent: Wednesday, June 18, 2008 1:23 AM
To: cisco@xxxxxxxxxxxxxx 
Subject: Re: wireless guest vlan [7:131455]

Actually we do not use the wlc webauth. We use a little firewall
called
soekris that provides a portal. It uses free-bsd code and provides the
portal and acceptance banner. It is very inexpensive. I did have the
wlc
webauth working at one time but it was not consiatent so we went to
this
other solution for now and I am taking a spare controller into the lab
to
figure it out. Sorry I wasn't much help on that but will let you know
if I
get it working.
-----Original Message-----
From: "Paul Yeo" 
To:  
To: Ken Hagen 

Sent: 6/11/2008 1:02:38 AM
Subject: RE: wireless guest vlan [7:131455]

Hi all, 

Thanks for the reply. 

This thing works partially now, but I cant get the web-authentication
to
work. The guest will go direct to the internet. 

I use to try using my internal switches and internal DNS servers, it
get
prompted for the local net users' access before allowing accessing the
internet. 

I am using WLC4402 version 4.0.219.0. 

Hi Ken, how you get the web-auth portion to work?

Thanks much,

-----Original Message-----
From: Ken Hagen [mailto:Ken.Hagen@xxxxxxxxxxx] 
Sent: Tuesday, June 10, 2008 9:43 PM
To: cisco@xxxxxxxxxxxxxx; Paul Yeo
Subject: Re: wireless guest vlan [7:131455]

This is the exact setup that we use for guest. We are using our isp's
dns
(although I'm not sure if it's kosher or not), but it works.  One bad
thing
is, they can change their dns ip address whenever they want to,
without
telling you.  Good luck.

Ken

>>> "Paul Yeo"  6/9/2008 12:46 AM >>>
Guys,

I am trying to setup my guest vlan to use the ASA firewall as the next
hop
gateway to go to the internet..

I am using a WLC4400, 1240 series AP.

I setup a DHCP server on the WLC, and the clients can grab the IP and
ping
to the ASA firewall interface of the same subnet.

I am thinking of using my ISP's DNS servers to serve this group of
guest
users, is that possible? Or must I setup another DNS server internally
to
serve this group of users?

the guest VLAN is not routable, I only create some vlan interface to
link
the ASA firewall to the WLC 4400. 

Any pointers are much appreciated. Thanks much!




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=131580&t=131455
--------------------------------------------------
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html