Cisco Cisco 4404 Wireless LAN Controller 技术参考
![Cisco](https://files.manualsbrain.com/attachments/7380d0050044647c30f5c24bbbf5d0c0b6d9bb84/common/fit/150/50/faa183d287233c52228cfea3dbc2a127fe780f60564fcb0955d9c3d1cd23/brand_logo.png)
17
Deployment Guide for Cisco Guest Access Using the Cisco Wireless LAN Controller, Release 4.1
OL-13691-01
Web Authentication Process
Note
For the example in this deployment guide, the remote and the DMZ anchor controllers are assigned to
the same mobility group. Generally, implementing the guest tunneling feature does not require that the
remote and DMZ anchor controllers be in the same mobility group.
the same mobility group. Generally, implementing the guest tunneling feature does not require that the
remote and DMZ anchor controllers be in the same mobility group.
Figure 15
Web Authentication Using the Mobility Anchor Controller Feature
Anchor Controller Selection
The anchor function on a controller includes tunnel termination, web authentication, and access control.
A Cisco 4400 series controller is the most cost effective controller that can be used as an anchor
controller in the DMZ interface off the firewall.
controller in the DMZ interface off the firewall.
•
If the controller is used for guest access and tunnel termination functions only, a Cisco 4402 with
12 access point support is sufficient as it is not used to manage LWAPP access points in the network.
Additionally, the Cisco 4400 supports up to 2,500 simultaneous users and has a forwarding capacity
of 2 Gbps.
12 access point support is sufficient as it is not used to manage LWAPP access points in the network.
Additionally, the Cisco 4400 supports up to 2,500 simultaneous users and has a forwarding capacity
of 2 Gbps.
•
If your guest access network deployment requires more than 2-Gbps throughput, you can use a Cisco
4404 or Cisco WiSM as an anchor controller.
4404 or Cisco WiSM as an anchor controller.
–
A single Cisco 4400 series controller or Cisco Catalyst 3750G Integrated wireless LAN
controller can support EoIP tunnels from up to 40 other controllers.
controller can support EoIP tunnels from up to 40 other controllers.
Wireless
VLANs
Internet
WLC
Guest
EtherIP
"Guest Tunnel"
EtherIP
"Guest Tunnel"
Guest VLAN - 10.10.60.x /24
Secure VLAN - 10.1.30.x /24
Management - 10.10.50.2
AP-Manager - 10.10.50.3
Secure VLAN - 10.1.30.x /24
Management - 10.10.50.2
AP-Manager - 10.10.50.3
Guest VLAN - 10.10.60.x /24
Secure VLAN - 10.1.30.x /24
Secure VLAN - 10.1.30.x /24
Campus Core
LWAPP
Secure
LWAPP
Guest Secure
170446
Guest Secure