Table of Contents
Advertisement
Chapter 4 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Scenarios - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Chapter 4
Scenario 6: Public/private access with VLANs
This scenario illustrates how to use multiple SSIDs and VLANs to securely share the
wireless infrastructure between public and private users.
How it works
In this scenario, the corporate network has four VLANs.
• VLANs 51, 52, 53 and 70 are assigned to the corporate Intranet and are used by
• VLAN 60 is used by guests and is mapped to the CN3000. Access lists on the
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 90 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
employees. VLAN carries authentication traffic to the RADIUS server.
CN3000 control the network resources guests can reach. For example, guests can
use the Internet and specific servers or printers on the corporate Intranet.
CN3000
Access controller
VLAN 60
CN300
Public WLAN
The Public WLAN is not mapped to a VLAN,
and has no wireless protection enabled. All
traffic is forwarded onto the default VLAN of
60 that is assigned to the downstream port.
VLAN 70
Corporate
Intranet
VLAN 51, 52, 53, 70
switch with
trunk port
802.1Q trunk
CN300
Downstream port is
mapped to VLAN 60.
Private WLAN
The Private WLAN has WPA support enabled
and is mapped to VLAN 70. Once users login,
their traffic is routed to VLAN 51, 52, or 53
according to the setting in their RADIUS account.
RADIUS server
CN300
- Quick Links:
- Introduction
- Wireless Radio
- Logging in
- Reset Button
Hide quick links:
Advertisement
Table of Contents
