Announcement

Collapse
No announcement yet.

restricted vlans (Guest VLAN & corporate vlan)

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • restricted vlans (Guest VLAN & corporate vlan)

    I'm not very knowledgeable person when it comes to cisco devices. I have been asked to do this setup on our network:

    - Guest Vlan: allows access to internet only. no access to corporate network.
    x- reservation based. Mac address need to be added to obtain an IP on the network

    - Corporate Vlan: Seperate from Guest Vlan.
    x- reservation based DHCP
    x- non-authorized devices doesn't get any connectivity at all.

    I've got following devices atm:
    - 3 x cisco 3560
    - 1 x cisco 2900XL
    - 1 x cisco 1700 router

    Any help in this matter is highly appreciated.

  • #2
    Re: restricted vlans (Guest VLAN & corporate vlan)

    so many views; still no posts. Your input is highly appreciated guys.

    Comment


    • #3
      Re: restricted vlans (Guest VLAN & corporate vlan)

      Create two VLAN
      a. Corp VLAN
      b. Guest VLAN

      Create an Access-List
      a. Create an Extended list which will allow Guest network to access http/https
      b. Create an another Extended list which will allow Crop network to access internal network.
      Best Regards ,
      Manish Nadkarni

      Comment


      • #4
        Re: restricted vlans (Guest VLAN & corporate vlan)

        How do I make it so that a new device never gets an automatic DHCP address unless it is registered?

        Comment


        • #5
          Re: restricted vlans (Guest VLAN & corporate vlan)

          Leo- what devices are acting as DHCP servers? Is it one of the Cisco boxes or something else? Please post dhcp config if its one of the Cisco units-

          gd

          Comment


          • #6
            Re: restricted vlans (Guest VLAN & corporate vlan)

            DHCP is a standard windows 2000 box.

            Comment


            • #7
              Re: restricted vlans (Guest VLAN & corporate vlan)

              Is not such a good idea to add/remove a MAC Address everytime when a guest comes/goes to/from your place. You can use 802.1x and a Radius server for authentication and authorization : people will input a username and a password and using this credentiales the radius server will inform switch or access point in which vlan to asign the new computer (to Guest_Vlan or Enterprise_Vlan)

              Comment


              • #8
                Re: restricted vlans (Guest VLAN & corporate vlan)

                I think this will help:

                Configuring the Cisco 871W wireless router: SOHO setup

                It uses GuestVLANs:

                http://articles.techrepublic.com.com...1-6102399.html

                Comment

                Working...
                X