Wireless Access

Reply
Occasional Contributor II

SSIDs with Restrictions

There are 2 SSIDs. One for Employees and another for Guest.

Both SSIDS are in same VLAN.

 

Now customer wants to give full Access to resources and servers for the employees who are connecting to 'Employee' SSID.

And only internet to someone who is connecting to 'Guest' SSID.

 

They are having 15 APS and 1 controller with LIC-AP.

 

Now LIC-PEF is required for implementing the above or just LIC-AP is sufficient.

 

And How it can be done.

 

New Contributor

Re: SSIDs with Restrictions

you can achieve this with access-lists

 

ip access-list session employee-acl

any any any permit

!

!

netdestination internal-networks

  network 10.0.0.0 255.0.0.0

  network 192.168.0.0 255.255.0.0

  network 172.16.0.0 255.240.0.0

  <Add any others you want>

!

ip access-list session guest-acl

user alias internal-networks any deny

any any  any permit

 

!

user-role employee

access-list session employee-acl

!

!

user-role guest

access-list session guest-acl

!

 

Assign the roles to the respective ssids

New Contributor

Re: SSIDs with Restrictions

any firewall license (LIC-PEF) is required to do so (Restrict Guest to access Corporate resources)?

Contributor II

Re: SSIDs with Restrictions

You need LIC-PEF to be able to create User Roles

Islam Zidan │ Professional Services Engineer | ACCP,ACMP,ACEAP,AWMP,CWSP,CWDP,CWNA,CCNP,HP ASE ,MCITP
If you Found My Post Helping you kindly Give KUDOS and if it solved your question Kindly hit Accept as a solution box.
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: