Руководство По Проектированию для Cisco Cisco Aironet 350 Mini-PCI Wireless LAN Client Adapter
10-3
Enterprise Mobility 4.1 Design Guide
OL-14435-01
Chapter 10 Cisco Unified Wireless Guest Access Services
WLAN Controller Guest Access
Figure 10-1
Centralized Controller Guest Access
As shown in
, a WLC is located in the enterprise DMZ where it performs an “anchor”
function. This anchor controller is responsible for terminating EoIP tunnels that originate from other
campus WLCs throughout the network. These “foreign” controllers are responsible for termination,
management, and standard operation of the various WLANs provisioned throughout the enterprise,
including one or more guest WLANs. Guest WLANs, instead of being switched locally to a
corresponding VLAN, are instead transported via an EoIP tunnel to the anchor controller. Specifically,
guest WLAN data frames are encapsulated using LWAPP from the AP to the foreign controller and then
encapsulated in EoIP from the foreign WLC to a guest VLAN defined on the anchor WLC. In this way,
guest user traffic is forwarded to the Internet transparently, with no visibility by, or interaction with,
other traffic in the enterprise.
campus WLCs throughout the network. These “foreign” controllers are responsible for termination,
management, and standard operation of the various WLANs provisioned throughout the enterprise,
including one or more guest WLANs. Guest WLANs, instead of being switched locally to a
corresponding VLAN, are instead transported via an EoIP tunnel to the anchor controller. Specifically,
guest WLAN data frames are encapsulated using LWAPP from the AP to the foreign controller and then
encapsulated in EoIP from the foreign WLC to a guest VLAN defined on the anchor WLC. In this way,
guest user traffic is forwarded to the Internet transparently, with no visibility by, or interaction with,
other traffic in the enterprise.
WLAN Controller Guest Access
The WLC Guest Access solution is self-contained and does not require any external platforms to perform
access control, web portal, or AAA services. All these functions are configured and run within the
anchor controller. However, the option exists to implement one or all of these functions externally and
will be discussed later in the chapter.
access control, web portal, or AAA services. All these functions are configured and run within the
anchor controller. However, the option exists to implement one or all of these functions externally and
will be discussed later in the chapter.
190809
WCS
Corporate
Servers
Internet
Guest WLAN
Enterprise WLAN
Enterprise WLAN
DNS
WEB
Anchor
Controller
Campus
Controllers/
Foreign WLC
DHCP
LWAPP
LWAPP