WIFI Controller, Public WIFI for GUEST.
WIFI for Guest
Let’s say, There is a cafe inside your open office, and it is run by yourself. You can want to provide free WIFI to your customer when they enjoy your Coffee.
Normally as we know. An Access point (“AP“) is connected to Switch, which is by Access port. We can assign it to a VLAN. So we will need 2 AP specifically for Two different SSID. That is not Clever.
VLAN 1 – for employee (“SSID: Private”)
VLAN 100 – Public guest (“SSID: Public”)
- Figure 1.1 – Network
- Figure 1.2 – Trunk link between switch to switch, switch to AP
WIFI Controller
We can use Wireless LAN Controller + Lightweight AP (“LAP“) to resolve this issues.
The WIFI controller, it will send signal to LAP, Each AP both have a set of SSID which you want to create. Here I have created 2 SSID one for priate , another for public and belong to different VLAN.
Both AP will have the same SSID and cover a bigger area.
- Figure 2.1 – VLAN 1 Private
- Figure 2.2 – VLAN 100 Public
WIFI GUEST – Client unable to obtain IP address
All are setup, ready to go.
OPS! one of the client who is connected to Public WIFI, can’t get an IP address.
On figure 3.1, we can see that The packet on FA0/3 is blocked by STP. So the DHCP Packet is stopped at the SW2. Therefore it can’t reach the DHCP Server. We will use command ” Show interface FA0/3 switch port” to get more information
We identified the issues here, the port should be a trunk port. It is dynamic auto, became a Access port. After we change to Trunk, Now Public WIFI users are able to obtain IP.
- Figure 3.1 – Packet detail
- Figure 3.2 – APIPA IP address
- Figure 3.3 – Switchport detail
Different Path same destination
WIFI Client , it will create broadcast traffic. The reason being is ARP, DHCP request…
If It is a busy cafe, every mins , you will have a new customer and try to access your public WIFI. As you can see on figure 4.1 Broadcast traffic.
Do you want all Public WIFI client go the same path to your Firewall/ Router. Which may affect your employee’s LAN network performance? We can put another device at the right hand side, which is act like a Router.
. On Figure 4.2 , we can see employee traffic from SW1 directly go to the Firewall. WIFI Public client will got to WIFI gateway first then go to Firewall. It can pop up a splash page for your public guest, Divert your public WIFI client from your employee, you can put different restriction in please
- Figure 4.1
- Figure 4.2
