Cisco Cisco 4404 Wireless LAN Controller Referências técnicas
3
Deployment Guide: Cisco Guest Access Using the Cisco Wireless LAN Controller, Release 4.0
OL-11010-01
Configuring Guest Access on the Cisco Wireless LAN Controller
•
Guest traffic segregation or path isolation – To restrict guest user traffic to distinct, independent
logical traffic paths within a shared physical network infrastructure.
logical traffic paths within a shared physical network infrastructure.
•
Access Control – To identify any user or device that logs onto the network for assignment to
appropriate groups by employing an authentication process.
appropriate groups by employing an authentication process.
•
Guest User Credential Management - To support creation of temporary credentials for a guest by an
authorized user. This function may reside within an access control platform or a component of AAA
or other management system.
authorized user. This function may reside within an access control platform or a component of AAA
or other management system.
Initial Configuration
shows an example of basic guest access using the Cisco wireless LAN controller. The
configuration shown is applicable for Cisco controller models 2006, 410x, and 440x.
The wireless LAN controller in the remote office is connected to a WAN infrastructure.
•
All the interfaces on the wireless LAN controller are mapped to physical port 1 and two WLANs are
configured:
configured:
–
one for a guest user (SSID – guest) and
–
one for EAP authentication (SSID – secure).
•
Dynamic VLAN interfaces are created for the guest SSID (VLAN 60) and the secure EAP SSID
(VLAN 30).
(VLAN 30).
•
The management and access point (AP) manager interfaces are configured to use VLAN 50.
•
All network services (AAA, DHCP, and DNS) are configured on VLAN 1.
•
All access points will be connected to VLAN 50.