Руководство По Проектированию для Cisco Cisco Aironet 350 Mini-PCI Wireless LAN Client Adapter
10-15
Enterprise Mobility 4.1 Design Guide
OL-14435-01
Chapter 10 Cisco Unified Wireless Guest Access Services
Guest Access Configuration
Note
Only the relevant portion of a given configuration screen capture is shown in this section.
The implementation of the Cisco Unified Wireless Guest Access solution can be broken into the
following configuration categories:
following configuration categories:
1.
Anchor WLC Installation and Interface configuration—This section briefly discusses installation
requirements, steps and caveats associated with implementing one or more anchor WLCs. When
implementing guest access for the first time in an existing Unified Wireless deployment, the anchor
WLC is usually a new platform that is installed at the Internet edge of an Enterprise network.
requirements, steps and caveats associated with implementing one or more anchor WLCs. When
implementing guest access for the first time in an existing Unified Wireless deployment, the anchor
WLC is usually a new platform that is installed at the Internet edge of an Enterprise network.
2.
Mobility Group Configuration—This section outlines the parameters that must be configured in
order for the foreign WLCs to be able to initiate EoIP tunnels to one or more guest anchor WLCs.
The mobility group configuration does not itself create the EoIP tunnels, but rather establishes peer
relationships between the foreign and anchor WLCs in order to support a guest access WLAN
service.
order for the foreign WLCs to be able to initiate EoIP tunnels to one or more guest anchor WLCs.
The mobility group configuration does not itself create the EoIP tunnels, but rather establishes peer
relationships between the foreign and anchor WLCs in order to support a guest access WLAN
service.
3.
Guest WLAN Configuration—Highlights WLAN specific configuration parameters that are
required to map the guest WLAN (originating from a foreign WLC) to the anchor WLC. It is during
this portion of the guest access solution configuration that EoIP tunnels are created between the
foreign and anchor WLCs. This section also covers the settings required to invoke Layer 3
redirection for web-based authentication.
required to map the guest WLAN (originating from a foreign WLC) to the anchor WLC. It is during
this portion of the guest access solution configuration that EoIP tunnels are created between the
foreign and anchor WLCs. This section also covers the settings required to invoke Layer 3
redirection for web-based authentication.
4.
Guest Account Management—This section outlines how to configure and apply guest user
credentials locally on the anchor WLC using WCS' or the anchor WLC's lobby admin interface.
credentials locally on the anchor WLC using WCS' or the anchor WLC's lobby admin interface.
5.
Other Features and Solution Options—Discusses other features that may be configured including,
but not limited to:
but not limited to:
a.
Web-portal page configuration and management
b.
Support for external web redirection
c.
Pre-authentication ACLs
d.
Anchor WLC DHCP configuration
e.
External radius authentication
f.
External access control
Anchor WLC Installation and Interface Configuration
As described in
, Cisco recommends that the anchor WLC be
dedicated solely to guest access functions and not be used to control and manage LAPs in the enterprise.
This section does not address all aspects of interface configuration on the anchor WLC. It is assumed
the reader is familiar with the WLC initialization and configuration process required upon initial bootup
using the serial console interface. If not, see the following URL:
the reader is familiar with the WLC initialization and configuration process required upon initial bootup
using the serial console interface. If not, see the following URL:
http://www.cisco.com/en/US/partner/docs/wireless/controller/4400/quick/guide/ctrlv32.html
This section offers specific information and caveats as they pertain to configuring interfaces on a WLC
being deployed as an anchor in a guest access topology.
being deployed as an anchor in a guest access topology.
As part of the initial configuration (using the serial console interface), you are required to define the
following three static interfaces:
following three static interfaces:
•
Controller management—This interface/IP is used for communications with other controllers in the
network. It is also the interface used to terminate EoIP tunnels that originate from the foreign
controllers.
network. It is also the interface used to terminate EoIP tunnels that originate from the foreign
controllers.