Captive portal options in WiNG v5.9

  • 1
  • 1
  • Question
  • Updated 1 month ago
  • Answered
Hi,

I have VX9000 controller and extreme AP 7502, I have created 4 SSIDs(Students, Admin, Teachers, Guest)in the controller. I need to access the internet through created SSIDs.what are the steps needed to access the internet through created SSIDs?


Thanks
Niyas P
Photo of Niyas

Niyas

  • 942 Points 500 badge 2x thumb

Posted 2 months ago

  • 1
  • 1
Photo of Wei Liang Loh

Wei Liang Loh, Employee

  • 462 Points 250 badge 2x thumb
Hi Niyas,
Good day to you,

You might want to plan if you want to have separate vlan or using the vlan that you having right now.
As there are many way to access the internet through SSID, appreciate if you can let us know in details, so that we can assist for it.

Thank you
Photo of Niyas

Niyas

  • 942 Points 500 badge 2x thumb
Hi Wei,

I have 4 SSIDs with separate VLAN, I need to access the internet through SSIDs

Please find the VLAN and SSIDs details

Vlan ID                             SSID

22                                    Teachers
24                                    Students
33                                    AdminStaff
34                                    Guest





Thanks
Niyas P







Photo of Wei Liang Loh

Wei Liang Loh, Employee

  • 462 Points 250 badge 2x thumb
Photo of Niyas

Niyas

  • 942 Points 500 badge 2x thumb
Hi Wei,

Actually, our network is VLAN based with one VX9000 controller and around 60 APs.we have 4 SSIDs with different VLAN. For testing purpose now I have deployed one AP7502 to the controller and created 4 WLAN in the controller. i need to access the internet through created SSIDs.


Thanks
Niyas P
Photo of Wei Liang Loh

Wei Liang Loh, Employee

  • 462 Points 250 badge 2x thumb
Hi Niyas,

Basically you want vlan that you created able to access internet, let me know if I am getting it wrong.
You will have a vlan that able to access internet (example, vlan 1)
And you have few vlan that you create for new SSID (vlan 22, 24) which is unable to access internet.
You will need to NAT your vlan 22 to vlan 1 using the guide shown.

Thank you

Photo of Niyas

Niyas

  • 942 Points 500 badge 2x thumb
Hi Wei,

I mean, I need to access the internet through all created SSIDs with a  security password and some SSIDs have limited bandwidth.


Thanks
Niyas 
Photo of Wei Liang Loh

Wei Liang Loh, Employee

  • 462 Points 250 badge 2x thumb
Hi Niyas,

Can I check with you which vlan that able to access internet now?
Appreciate if you can explain in details on what issue that you facing now.(client unable to connect SSID, etc)

Thank you

Photo of Niyas

Niyas

  • 942 Points 500 badge 2x thumb
Hi Wei,

I have data VLAN 18 (internet access) and is tagged to an Extreme switch port, then I have connected VX9000 controller to that port.what are the configuration needed in controller side to access the internet?


Thanks
Niyas P
Photo of Wei Liang Loh

Wei Liang Loh, Employee

  • 462 Points 250 badge 2x thumb
Hi Niyas,

Good day,

In your controller ge port, you will need to allow vlan 18 to go through, and for other vlan that you create for SSID (vlan 22,24,33, and 34) you will need to use NAT to vlan 18 to enable them access to internet.

Thank you
Photo of Niyas

Niyas

  • 942 Points 500 badge 2x thumb
Hi Wei,

How to configure GE port in controller?


Thank you
Photo of Niyas

Niyas

  • 942 Points 500 badge 2x thumb
Hi Wei,

I have one doubt, I have voice VLAN 17, I need to access it through access point FE1 or FE2 port. Any configuration needed in controller side?

Thank you
Photo of Nuno Rocha

Nuno Rocha, Employee

  • 130 Points 100 badge 2x thumb
Niyas, in your case you have 2 options, but first remember that the VX9k does not terminate tunnels for Client data.
1 st option 
you extend your vlans from the AP up to the internet router, and you configure NAT and ACL on the router plus Roles on the AP's to secure everything
2 nd  option
you get vlan 18 to the AP configure NAT and Roles on the APs.

as for your voice vlan you can just create a new SSID voice VoIP and extend the vlan 17 to the AP and configure QOS for it.

Hope this helps
Photo of Niyas

Niyas

  • 942 Points 500 badge 2x thumb
Hi Nuno,

I have configured my dada VLAN 18 throughout the network including router, core switch and edge switch.i have doubt in controller side, how to enable data VLAN 18 in controller side?


Thank you
Photo of Nuno Rocha

Nuno Rocha, Employee

  • 130 Points 100 badge 2x thumb
Hi Niyas
the vlan creation on the controller is done the same way as on the APs the only difference is that you'll be modifying the Controller profile and no the AP Profile, don't forget to also add the vlan on you virtual environment.
you can look at the same link posted before for the Nat Configuration.
Photo of Niyas

Niyas

  • 942 Points 500 badge 2x thumb
 Hi Nuno,

My controller is running in VMware platform, so the server has only one ethernet port. when I log in to controller interface showing ge1,ge2,xge1 etc.how to find out connected GE port and how to enable data VLAN in GE port.


Thank you
Photo of Nuno Rocha

Nuno Rocha, Employee

  • 130 Points 100 badge 2x thumb
Hi Niyas, 
follow this link:
https://kb.vmware.com/s/article/1004252

Or create more ports on the VX.
Photo of Niyas

Niyas

  • 942 Points 500 badge 2x thumb
Hi Nuno,

Please find the below screenshot,this is correct or not.my data VLAN is 18







Thanks
Niyas P

Photo of Nuno Rocha

Nuno Rocha, Employee

  • 130 Points 100 badge 2x thumb
Hi Niyas,
change the mode to trunk, configure the native vlan as the untagged vlan, configure the list of vlans that you want to allow, and after create the virtual interfaces for those vlans.
Photo of Niyas

Niyas

  • 942 Points 500 badge 2x thumb
Hi Nuno,

Please find the below screenshot, this is correct or not? my voice VLAN is 17, I need to access voice VLAN 17 through AP FE1 port, so need to allow through controller also?




Thanks
Niyas
Photo of Niyas

Niyas

  • 942 Points 500 badge 2x thumb
Hi,

I have one doubt, my controller IP is 10.4.4.41/22 with VLAN 14 and my data VLAN is 18.controller is running on VMware platform with only one GE port.so how to configure ge1 port of controller?

Please find the below settings, this is correct or not

Native VLAN 14 with IP:10.4.4.41/22
Mode : Trunk
Allowed VLAN: 18,20,22,24,33,34






Thank you
Niyas P







Photo of Nuno Rocha

Nuno Rocha, Employee

  • 130 Points 100 badge 2x thumb
Hi Nyas,
on the controller you will only need the vlan 14, all the data traffic will exit out of the AP to your network either as bridge, your VoIP VLan, or with NAT for your other vlans if you so wish it.
Photo of Niyas

Niyas

  • 942 Points 500 badge 2x thumb
Hi Nuno,

VLAN 14 is our management VLAN, you mean no need of data VLAN in Controller?



Thank you
Photo of Nuno Rocha

Nuno Rocha, Employee

  • 130 Points 100 badge 2x thumb
Hi Niyas,
Yes it's exactly that, all data traffic with be delivered to your network at the AP.
Photo of Niyas

Niyas

  • 942 Points 500 badge 2x thumb
Hi Nuno,

I mean controller interface GE configuration
Photo of Niyas

Niyas

  • 942 Points 500 badge 2x thumb
Hi,

Please find the below screenshot,its right or wrong?




Photo of Nuno Rocha

Nuno Rocha, Employee

  • 130 Points 100 badge 2x thumb
Niyas, you're configuration looks ok none the less, you should check your topology, do you want de VX to be the default gateway for those vlans and provede Nat?
as Stated before VX does not terminate data Tunnels, so the data traffic is delivered to the network at the AP on the switch port to which it is connected.