GigaWave Technologies
 Cisco Training Courses
 Cisco Certification Classes












Enabling Wireless Guest Access Through Mobility Anchors

Guest wireless LANs (WLANs), are increasingly necessary but anyone considering making a guest WLAN is faced with several questions:

>> What are the risks?
>> Will I need additional virtual LANs (VLANs)?
>> How do I keep guests separated from the production network?
>> How does this change affect my access point (AP) deployment?



Q: How do I enable wireless guest access without disrupting the integrity and safety of the main network?
A: Mobility anchors used in Cisco’s controller-based architecture give you a risk free solution that need no additional VLANs and require no changes to how your APs are physically deployed. Even though guests use the same APs as corporate users, the controllers logically separate guest traffic from the corporate LAN, ensuring the corporate LAN’s safety.



Explanation:

When a WLAN is configured on a controller, the controller, in turn, adds that WLAN to each of its connected APs. All that is required is to configure an anchor controller for that WLAN so that any user connecting to the WLAN is automatically tunneled from the controller they initially connect to (known now as a foreign controller) back to the anchor controller(s). This tunnel is used by all of the WLAN’s users. Using a mobility anchor causes the guest, no matter where they are physically located, to be connected logically to the anchor controller’s subnet, typically a DMZ. ACLs or firewalls can then be used to determine where the guest is now allowed to go. Note that the anchor controller needs to be a minimum of a 4402 controller.



So how do I configure a mobility anchor for guest mobility?

Detailed Configuration Instructions:

1. Establish a mobility group which will include your foreign and anchor controllers.
2. Establish a DMZ and place the anchor controller inside the DMZ.
3. Establish the guest WLAN on the foreign and anchor controllers.
4. Move the AP to the production network.

>>  Select WLANs>Mobility Anchors (for the guest WLAN)

>>  Select IP address of the mobility anchor from Switch IP Address (Anchor) drop down list and click the Mobility Anchor Create button

>>  The controller is now added as a mobility anchor for the guest WLAN.

Warning: Creating a mobility anchor for a WLAN will fundamentally change the way the WLAN is used, causing the WLAN to stop and restart. Doing so will make users lose connectivity. This change is best performed when there are no users on the guest WLAN.



To learn more, contact GigaWave Technologies at 210.375.0085 or info@giga-wave.com



Home  |  Courses / Register  |  Services  |  About GigaWave  |  Giga-News  |  Testimonials  |  E-Newsletter  |  Contact Us