Here’s the config for the ASAĪSA1(config)#dhcpd address 192.168.1.x 192.168.1.x Guest_DHCP I usually assign DHCP address’ from the ASA when setting up guest wireless this way, but you can do it from the LAN controller or the AP itself. One thing I would mention is make sure your switch has DTP turned off for unused ports, don’t think I need to explain that one do I?ĪSA1(config-if)#ip address 192.168.1.254 255.255.255.0ĪSA1(config-if)#no forward interface vlan 1ĪSA1(config)#global (outside) 1 interfaceĪSA1(config)#nat (Guest) 1 0.0.0.0 0.0.0.0 So you’ve already setup your AP either its an autonomous AP or you have this connected to your LAN controller, the reason you need to trunk your AP to the switch is so you can have multiple SSID’s each with its own VLAN assigned.
I can hear you ask why there are 2 connections to the firewall well one is your inside corporate interface and the second is your guest wireless interface. First of all you need to know that a VLAN is associated to layer 2 of the OSI model, and when your clients connect to the Guest Wireless VLAN they will be able to route out the VLAN via the ASA firewall. Setting up your ASA for guest wireless is easy, you only need the base licence to do this.
0 kommentar(er)
