Controllerless Networks

 View Only
last person joined: 2 days ago 

Instant Mode - the controllerless Wi-Fi solution that's easy to set up, is loaded with security and smarts, and won't break your budget
Back to discussions
Expand all | Collapse all

Problem with guest network.

This thread has been viewed 23 times

  • 1.  Problem with guest network.

    Posted Mar 08, 2023 10:08 PM
    I want to create a guest network for visitor who couldn't visit internal IPs and allow to visit internet.
    192.168.254.1 is DHCP and DNS server, but cell phone is unable to get the ip. Anything wrong with the access rules?
    Phone gets ip if access rule is allow any to all destination.


  • 2.  RE: Problem with guest network.

    EMPLOYEE
    Posted Mar 08, 2023 11:30 PM

    for a quick test you can just allow everyting and see if the clients get IP address. that way you rule out the DHCP piece of it.

    But looking at the access-list, i think you should also add allow all as the last rule after your deny statement



    ------------------------------
    If my post was useful accept solution and/or give kudos.
    Any opinions expressed here are solely my own and not necessarily that of HPE or Aruba.
    ------------------------------

    Original Message


  • 3.  RE: Problem with guest network.

    Posted Mar 09, 2023 11:19 AM

    You must allow DHCP to any ip addresses. A DHCP request is sent as a broadcast and not directly to the DHCP server.

    At the end of each ACL is an implicit deny all entry. If necessary you should enable targets that should be reached.  



    ------------------------------
    Regards,

    Waldemar
    ACCX # 1377, ACEP, ACA - Network Security
    If you find my answer useful, consider giving kudos and/or mark as solution
    ------------------------------

    Original Message


  • 4.  RE: Problem with guest network.

    Posted Mar 09, 2023 07:52 PM

    It works. I leave photo here for reference.

    Both ways below are work.

    Visitors are able to get ips from dhcp server, unable to access intranet, able to access internet.



  • 5.  RE: Problem with guest network.

    Posted Mar 11, 2023 12:55 PM

    Hi, you can change the DNS line to the especif server if you want, the only one needed to any is the dhcp rule.

    I hope this helps


    Original Message