Overview:
 
 
Wired Guess Access主要是能夠讓有線的設備透過無線控制器來進行Web Auth,在WLC要先定義Ingress Interface及Egress Interface,
當有線的Vlan(Ingress)經過WLC後,會轉換為WLC Guest Vlan(Egress)來進行Web Auth服務。
主要會有幾下幾點主題。
 
1.設定Guest-Lan Interface (Ingress)
2.設定Guest Interface(Egress)
3.設定Wired Guest Wlan
4.新增訪客帳號(Local User)
5.Switch 配置
6.驗證
 
Step1:設定Guest-Lan Interface (Ingress)
 
 
點選CONTROLLER->Interfaces->New
Guest Lan:Enable
Port Number:1
VLAN Identifer:10(此為Switch port Access vlan)
Step2:設定Guest Interface (Egress)
 
點選CONTROLLER->Interface
Port Number:1
VLAN Identifer:30
IP Address10.11.80.250
Netmask:255.255.255.0
Gateway:10.11.80.254
Primary DHCP Server:10.10.1.131(此為management IP,透過WLC本身DHCP進行派發)
 
Step3:設定Wired Guest Wlan
 
點選WLANs->WLANs->New
Profile Name:wired_guest
SSID:wired_guest
Status:Enabled
Ingress Interface:wired_guest
Egress Interface:guest_int
 
Step4:新增訪客帳號(Local User)
 
點選SECURITY->Local Net Users->New
Username:wiredguest
Password:xxxxxx
Confirm Password:xxxxxx
WLAN Profile:wired_guest
 
Step5:Switch 配置
 
interface G0/1
description connect_WLC
switchport mode trunk
switchport trunk allowed vlan 10,20,30
[必須allow ingress(10)及Egress Vlan(30)]
!
interface G0/2
description connect_Wired_Guest
switchport mode access
switchport access vlan 10
 
Step6:驗證
 
1.當設備接上SW後,你會拿到的網段是WLC Egress的網段,但Web並不會自己redirect。
必須手動輸入IP或是輸入可辨識的網址,讓他觸發redirect到驗證畫面
2.點選Monitor->Client
從WLC上面也可以看到Wired Guest連線的狀態
Reference:

leo19950830 發表在 痞客邦 留言(0) 人氣()