bedwards@shamrockbank.com wrote:
I have a 650 running version 6.1.2 of the software. I currently have 2 VLANs set up -- VLAN1 for employee access, and VLAN10 for Guest For the most part these work great. I have a separate DSL line I would like to plug into port 2 of the 650 and have all Guest internet flow through that connection -- What kind of policy do I need to add to get this done --
That being said -- I am really new to firewall policies -- if you also know of a good reference would love to know it.
barry
Here are the steps you need to take:
1. Create an Arbitrary VLAN (1000 is my favorite) on the controller
2. Give that Arbitratry VLAN an ip address in the Range that your DSL line assigns to clients
3. Run the command "ip cp-redirect-address <ip address of the controller in that VLAN>" to make sure guest users use the controller's ip address to bring up the page
4. Configure a separte port on the controller to place users in that VLAN
5. Run the WLAN Wizard, choose guest and make sure that users are placed in the VLAN
6. Connect the DSL modem via ethernet cable to the port you configured in step 4.
7. See if your user can associate to that new ssid
Here are the commandline steps:
1.
config t
vlan 1000
interface vlan 1000
2.
ip address 192.168.1.250 255.255.255.0 (or whatever ip address you give the controller in that range)
3.
ip cp-redirect-address 192.168.1.250
4.
Interface gigabitethernet 1/3
switchport mode access
switchport access vlan 1000
5. Go into the GUI to Configuration> WLAN/LAN Wizard and Run it to create that guest network.
6. Connect the DSL modem to the controller port in step 4.