GRE tunnel between 2 masters- user roles and policies

Hi all,

Hope you could give me some advice on the problem I have.

I have 2 master controllers placed in 2 different sites. Only one of them is connected to a TMG firewall which handles our guest wifi traffic. After looking for several solutions I've ended up creating a GRE tunnel between the 2 controllers, which is up and running at the moment. I am having some problems, though, with setting the policies and roles for the guests as they transit between the controllers. The idea is to move all the action to controller-A, which is directly connected to the TMG, i.e. DHCP, active portal, DNS... The guest users, when connecting to controller-A, have a guest-logon role with 2 policies applied:

logon control 1:

user  any  udp 68    deny         Low
any   any  svc-icmp  permit       Low
any   any  svc-dns   permit       Low
any   any  svc-dhcp  permit       Low
any   any  svc-natt  permit       Low

 

captive portal policy:

user  any  svc-http   dst-nat 8088  Yes  Low
user  any  svc-https  dst-nat 8081       Low

 

and a guest role after they authenticate, with 3 policies applied:

 

lock down control:

user  any  udp 68    deny         Low
any   any  svc-dhcp  permit       Low
user  any  svc-dns   permit       Low

 

internet only:

user  any  svc-http   permit  Yes  Low
user  any  svc-https  permit  Yes  Low

 

icmp:

 

any   any  svc-icmp  permit       Low

 

What should I do on my controller-B side for my guests? Which roles and policies do I need to apply?

Any help appreciated.

 

Thank you
