Is it possible to allow certain websites to bypass the web authentication pages, so that they do not need to authenticate to get to our own website, but do have to if they wish to go anywhere else?Looking at a 5508 model at the moment
View 4 Replies
We have;
3 - 5508WLC
1 - 4402 WLC
Cisco Prime 1.3
25 - 3502i
We have 25 remote sites that use MPLS back to the company HQ that has one connection to the internet.Also at the HQ we have a seperate ISP connection.The remote sites and HQ have AP's which provide internal company access. We would like to have a seperate Guest WLAN at these remote sites to provide access to the ISP connection at the HQ's. Do we need to have an anchor controller? From documentation I have been reading it looks like anchor controllers are mostly used for networks that have a single connection to the internet and they use the FW to control/ secure the guest and company network from each other. Is there a differnt way of seperating the guest wireless and company wireless network securely from each other but use the same WLC's and AP's??
Currently the guest wireless users are maintained by WCS 7.0.172.0. I'm having a project to set up another 5508WLC in one location to replace the WLC in use in different location. My concern is regarding the guest user accounts. Can I use the feature of "Save Guest Accounts on Device" in WCS to save all the guest accounts on another WLC? I tried this feature and I got the message of "Successfully saved Guest users to the following respective controller(s) where they were applied". I don't know if it is because there is currently only one WLC in the WCS or the account can only be saved on the original controller where it was created.
View 1 Replies View RelatedI have two SSIDs on an Autonomous Access Point, that goes to a 2960 switch, that connects to a L3 3560. I have a vlan for admin/private internal access that uses the native vlan (1) and guest vlan (50). I have configured both and I am trying to get both to go out the same Internet connection.
I cannot get the guest access to access the Internet. It looks like my computer will go, but it just comes up saying no Internet access.All interfaces are trunking this vlan properly. I can communicate from the laptop to the 3560 but I just can't get to the Internet.
Does the N750 (F9K1103V1) support Guest Access while in Access Point mode? It will not provide an IP address when a guest attempts to connect.
View 20 Replies View RelatedI have an n600 ( F9K1102 v1 , firmware 1.00.09 ). My ISP provides my main router for my network, but I want to use the N600 as an access point, I have activated the "Use as Access Point" feature.Is it possible to still utilize the Guest Access feature in this case?
View 1 Replies View RelatedI understand you can have a guest wireless setup on the newer Access Points, and trunk (cisco term) the 2 VLANs and seperate them out with Access Control Lists so they don't talk to each other, but I would rather just give the VLAN 480 it's own DHCP from the router.
[code]...
My network is such that I want to extend the signal of the GUEST account. I have a WAP54G set up for that purpose and am getting a very strong signal. I can access the main network, but not the Guest, I cannot even see the GUEST access. Any setting change that needs to be made that will allow me to access the GUEST account from the Access Point?
View 2 Replies View RelatedHere is my setup:
Netgear WNDR3700 - Main router, DHCP turned on
4x Netgear WNR2000 - Setup as Access Points (DHCP turned off), connected to main router via LAN ports
I only want the guest network to have internet access. I have the guest network enabled on the router and access points with the option to "Allow Guest network to access main network" disabled. My problem is that since the access points aren't hooked directly to my modem via the WAN port, the guest network broadcasted from the access points does not have internet access.I have read up on setting up a separate subnet for the guest network using DD-WRT but was curious if there was a way to get the desired result with the stock Netgear firmware.
Is it possible to provide wireless guest access over the WAN from another office via the WLC. I have WLC 5508 in a central office and have other remote offices that have one Access Point in each office that are autonomous; I will be converting these to LWAPP. Is it possible to route guest traffic back to the WLC then forward this traffic out to the internet? How would I route this traffic out as well? install a secondary WLC in the DMZ and use anchor points. I only have one WLC
View 7 Replies View RelatedIt's my intention optimize our business WiFi network.Actually we don't have a "Guest" access.Probably WAP321 should be the best solution for us.We will need 3 WAP321 to cover offices area.I have different questions/doubts about Captive Portal functionality.using 3 different WAP321 everyone has the "captive portal" feature, or you can configure only one of the three the feature of "captive portal"?if is possible to configure only one of three the feature of "captive portal", the others WAP321 trusting the authentication?what is the ip address released from the "Captive Portal"?all Guest user have the same username and password?
View 1 Replies View RelatedWe have a 2106 that was configured by a former employee. No one left in the company is qualified to configure it. The wireless guest access used to work fine. We'd configure a guest user account. They would connect to the guest wireless, open a web browser and login. For some reason now there is no prompt for login. People can connect to it and get an IP address, but that's it. No login prompt or anything else from there.User Login Policies was set to 0 and I put it to 8. That didn't do anything. Under Web Auth > Web Login Page it's set to Internal (Default).
View 5 Replies View RelatedI'm looking to implement guest WiFi access with web authentication on one of our 5508 WLC (currently deployed within a sandbox environment), but looking for some assistance. The WLC currently has a single connection from port 1 to the 'Test Site 2' switch. This is a dot1q trunk. On the WLC, the interface (for port 1) is configured as follows: [code] Currently, I have one WLAN configured with the profile name 'Guest Test 1', it's enabled and broadcasting the SSID. Security is L3 only with web authentication configured. The WLAN is configured to use the interface names "guest_wifi".
The issue is that when a client connects to the WLAN, it receives an IP address okay (10.99.254.x address), but doesn't seem to be able to contact the WLC to get the web authentication page. Eventually, the WLC terminates the connection due to an authentication failure.does it sound like I'm taking the correct approach here? The idea is that clients connect to the guest WLAN, which puts them on VLAN 99 and routes traffic through to the ASA and then onto the internet.
I been using my mechanics Wifi connection with my internal wireless adapter for at least 6 months. Living next door he has a guest Wifi connection for his customers that requires a password. I only had to use the password once and since then it has automatically connected. I recently purchased a usb wirless adapter with an antenna to get a better signal and it connects to the server but the login access page will not display nor will it connect to the internet. With this I get error 102.
View 4 Replies View RelatedI currently have two AP541N access points. Both are configured for internal access and one unit is configured with a Guest VAP. I want to configure the Guest VAP to redirect to an authentication page so that the user connecting has to log in to get internet access. I'm fairly certain the AP541N doesn't offer this out of the box. I know I can redirect, but what is needed to force a user to authenticate to gain internet access. I want to find out what additional hardware/software I will need in order to create Guest Services of this VAP.
View 1 Replies View RelatedDoes the Linksys AP (WAP4410N) support Wireless Guest access solution?
View 2 Replies View RelatedIn the ISE documentation is states that under a Guest_Activity report you must have guest access logging enabled on the NAD in the ISE network. My question is where do I enable guest access logging in the WLC that is our NAD?
View 1 Replies View RelatedI just got a new requirement for our wireless roll out and I need some help. Plan the best way to provide employee and guests wireless access w/ the guests separate from the production environment.
We have a 5508 controller w/ 1142 APs. I have two GBICs in the interfaces (only one is being used). I want to use a back haul connection for the guest access. I am having a hard time in visioning how to physically set up the cabling from the patch panel. Again, the requirement is to not allow guest users to connect to our production network but I still want/need to manage the AP. This will eventually need to be supported for remote sites tunneling back to the primary location.
I am running a 5508 WLC with 10 Access Point. we need to allow Internet Access to Guest. 10MB DSL Internet is dedicated for Guest. This link is terminated on a regular ADSL modem without being part of our network. We want all Guest Internet traffic to reach the ADSL Router. where should I create the Guest VLAN / where the DHCP for Guest users should be created. what is the best practise for similar setup.
Our Network is simple
ISP_Reuter-------ASA_Firewall--------------4505------------LAN-switch 2950
ADSL_modem------------ users connect via wireless but restricted to certain area only.
I have two Cisco WAP4410N access points. Both has Regular and Guest SSIDs, with same configurations, except "Wireless Isolation" on Guest SSID is enabled. Problem is Guest SSIDs are not visible on devices
Access points are working on different chanles, firmware Version: 2.0.1.0.
on WLC 4400 Guest vlan is configured with local authentication, the users get disconnected after 10mins were should i disable the option of 10mins restriction
View 3 Replies View RelatedI have 4 PCs connected to a wireless modem router(WBR 6601).All 4PCs are configured to shared all folder in C drive. These PCs are not configure to use domain.The thing is whenever I let my guest to connect to my wireless modem router for internet usage. They will be able to see all of my shared Folder(4 PCs) under the network Terminals.Is there anyway i can restrict the guest from accessing/seeing my shared folder and allow them to connect to my WAP to use for internet browsing only ?
[code]....
I have a Linksys WRT54G2 wireless router that is used in an office setting. We have, of course, set a password to access (wireless) the internet and local file sharing network from a laptop. Occasionally, however, we have guests that want to access the internet. Is it possible to give the guest a temporary password that is different than the main one? Also, is it possible to limit the guest to only the internet and not the local file sharing network?
View 1 Replies View RelatedThe guest network on the router keeps going down. It can be seen but it cannot be connected to. Sometimes it works for a day or 2 and then it doesn't. I have to constantly babysit the network and it is entirely frustrating because the only fix is to reboot the router.I have tried factory resetting several times.I have tried re-flashing the fw.I'm using the non-CCC fw because CCC had way, way too many issues.These routers have been out for months and many people have been having issues and somehow Cisco doesn't see fit to work on firmware that stabilizes them at all? It's like, they release a router and then forget about it - the next batch comes along, often the same guts with a different shell and it's the same thing over again. I had a WRT610N and I said I'd never buy another Cisco after that but I broke my rule because of being lured by these "App enabled" features, which mind you have nothing at all over the competition since the CCC doesn't even work for most people.
View 9 Replies View RelatedPurchased E3200 and did simple setup via CD setup (Cisco connect). Set up main name and password. Cisco Connect assigned "-guest" to end of main name for the guest account. Gave guest account its own password. Both main and guest accounts were broadcasting OK -- but guest account was not secure and could be accessed without password. (All software and firmware upgrades were done during initial setup).Reset the E3200 and restarted things from the CD setup. Created main account, main account password, and guest password again. In advanced settings, left basic wireless settings at initial settings, changed wireless secutiy to WPA2 Personal. Still having the guest account being broadcast in unlocked status. (Have turned off guest access for now until I can get password protection for it).
View 2 Replies View RelatedAny problems with the guest network on the ea4500 with the cloud firmware? I am losing guest clients after about 24 hours and the re-authentication fails. you enter the guest password and nothing happens until you reboot the router.
View 2 Replies View RelatedWe have the RV180W router and the WAP321 access point in our business. We want to broadcast two SSIDs from both locations: the office SSID, which shares routing to LAN traffic, and a guest SSID.The office computers are attached via ethernet to a switch off of LAN port 1 on the router. The AP is attached to LAN port 2 on the router.On the router, the office SSID and the LAN are members of VLAN 1. The guest network is a member of VLAN 2. From the router, everything works just fine.On the WAP, the staff SSID works fine, but the guest SSID has no internet. Both the office and guest networks get DHCP successfully from the router.Our VLAN membership table in the router and WAP are attached, as well as other configuration details.Why would we not be getting internet on the guest ID only on the WAP?
View 8 Replies View RelatedI am running a /24 network in Active Directory with my ASA acting as gateway and firewall. Standard interfaces (Ethernet 0/0 as outside, Ethernet 0/1 as inside)
As of now I have no VLans set up, but I need to setup wireless Internet access for guests... I need directions on how to setup a Vlan with its on DHCP for these aguests... I can then make sure that my APs can be pointed to the same VLAN... I am not familiar with CLI, have generally used ASDM. I am currently running ASDM 6.3(1) on an ASA with version 8.3(1).
This is something I need to do quickly as we are expecting 20-40 "guests" shortly, and I don't want them to use our internal DHCP server addresses.
I need to know how WLC can support ISE guest management in wireless mode. Tested and confirm by Cisco SE, Knowing that WLC currently does not support dynamic VLAN authorization for central web authentication. This limitation will be addressed in WLC 7.2 when MAB and CWA support is added to the code. On the other hand, DACLs on the other hand works and we can use that to restrict access of this guest traffic.Can ISE support on WLC LWA guest access provision? This able to view guest user login and show at ISE monitoring.
View 1 Replies View RelatedI have 2 APs, Cisco Aironet 1040, and 2504 WLC.Is it possible to configure guest access (Guest SSID/VLAN and Corporative SSID/VLAN) without dedicated guest WLC in DMZ?
View 4 Replies View RelatedIn my Wireless network, I have two appliances WLC 5508 running version 7.0.116.0.I have a WCS running version 7.0.172.0, deployed on a windows 2003 server.I've imported the two WLCs in my WCS in order to centralize the monitoring and the configuration tasks.Now I'm facing an issue when I want to create a guest user from the WCS, rather than creating this user access on each WLC. The creation of the user account is working good, the replication is done on the both WLCs, but on one of my WLC the guest user account is deleted after one hour(around).On the second WLC, the same user account remains during all its life time.In attachment a screen shot of the advanced parameter of the guest user.You can see that the user was created on the both WLC but is only active on one ... and unfortunately the wrong because the AP is associated with the other WLC.
View 2 Replies View RelatedWe have a strange problem. We have a WCS v.7.0.172 that controls our two WLC v.7.0.116 and we have also two "Anchor Controller" WLC
v.7.0.116 for Guest Access.
We use the LAP1142N and every AP has two SSID's. One for internal data traffic and the other one for the guests.
Now the problem is, that even if we have internal and external user on the same AP, the guest users gets disconnected after a few time. Sometimes after 20 minutes, sometimes after 90 minutes...but the user is still working. It's really irregular.
There is one guest interface, one guest WLAN. The WLAN is set with a DHCP override address of the guest interface. But it no longer allows this as I found out. Anyway, I can get the client to now receive an address from the internal pool on the WLC, but it will not route to the authentication page. I noticed that the WLC excludes the clients attempting to connect on the guest WLAN due to failed 802.1x authentication! the WLC never even gave me the chance to authenticate using an account created either through the lobby ambassador or creating one directly on the controller.
View 3 Replies View Related
