Wireless Access

last person joined: an hour ago 

Access network design for branch, remote, outdoor and campus locations with Aruba access points, and mobility controllers.
Expand all | Collapse all

Guest on a other internet

Jump to Best Answer
  • 1.  Guest on a other internet

    Posted Nov 29, 2013 11:56 AM

    Hello I show you the configuration of my client and I ask you my question after:

     

    3 SSDI: Employee (vlan-10), garage (vlan-10) and Guest (vlan-20)

     

    My client won’t to add another internet only for the Guest.

     

    Capture.PNG

     

    I would like to know if I have something to do with the controller or if the router can route the VLAN Guest to the internet GUEST?

     

    Thank you



  • 2.  RE: Guest on a other internet

    Posted Nov 29, 2013 12:01 PM

    We have a similar setup.

     

    We extend the Internet-for-guests on a VLAN dot-interface from the edge router to the switch (2950 in your drawing) and trunk that VLAN to the controller.

    Guest users get placed in the guest-internet VLAN and are neatly segregated from employee users.

     

    --Matthew



  • 3.  RE: Guest on a other internet

    Posted Nov 29, 2013 12:08 PM

    If I understand, I have nothing to change on the controller because the GUEST is already on its VLAN. It remains only to change the setting on the router to indicate that the internet that enters the port x will be on the Guest VLAN. That correct?



  • 4.  RE: Guest on a other internet

    Posted Nov 29, 2013 12:11 PM

    That sounds like you've got it. 



  • 5.  RE: Guest on a other internet

    Posted Dec 02, 2013 03:24 PM

    I use the same post, because is the same client and he change is mind. This is the new scenario:

     

    Capture 2.PNG

     

    This is my question: Can I use the Aruba Controller to redirect all SSID GUEST to then new internet connexion?



  • 6.  RE: Guest on a other internet

    Posted Dec 02, 2013 03:29 PM

    Sure, same thing. 

     

    Put the new internet connection into a VLAN and then put the guest SSID into that VLAN.



  • 7.  RE: Guest on a other internet

    Posted Dec 02, 2013 03:33 PM

    Ok but the traffic have to go to the router or the traffic go directly to the internet GUEST?

     

    The client don't want the SSID GUEST go to the switch and the router.



  • 8.  RE: Guest on a other internet

    Posted Dec 02, 2013 03:38 PM

    All guest traffic will be tunneled back to the controller, and since you show the guest internet connected directly to the controller, the traffic will not have to go anywhere else but to follow the connection out that path.



  • 9.  RE: Guest on a other internet

    Posted Dec 02, 2013 03:41 PM

    Ok, for example:

     

    If the internet for GUEST is pluged in the port 1 of the controller, I have to assign the vlan 20 (vlan Guest) to the port 1 and remove the vlan 20 on the other port.



  • 10.  RE: Guest on a other internet
    Best Answer

    Posted Dec 02, 2013 03:44 PM

    Correct.



  • 11.  RE: Guest on a other internet

    Posted Dec 02, 2013 03:50 PM

    Thank you



  • 12.  RE: Guest on a other internet

    Posted Dec 02, 2013 04:02 PM

    My pleasure.  Good luck with your client.

     

    -----------------------------------------------------------------------------------

    If my anwers have been helpful, please click the kudos button



  • 13.  RE: Guest on a other internet

    Posted Dec 03, 2013 02:40 AM
    Reference to the above diagram, Where NATTing would be done if we do have only single IP for guest internet (I guess on controller). What commands would be use on Aruba controller to NAT guest network to single guest IP address while employee network to single enterprise Internet.


  • 14.  RE: Guest on a other internet

    Posted Dec 03, 2013 08:31 AM

    My personnel router can do my NAT and the router of my FAI can do my NAT to.



  • 15.  RE: Guest on a other internet

    Posted Dec 05, 2013 02:35 AM

    Yup NATTing can be done on router or L3 switch. I just want to know how can we configure on controller if we don't have router on site.