cancel
Showing results for 
Search instead for 
Did you mean: 

How do I create an SSID with only internet access on WM3600 with AP4610s

How do I create an SSID with only internet access on WM3600 with AP4610s

CHRLX-ENG
New Contributor
I need to create an SSID for our clients that will only allow internet traffic. I want to block all other traffic to our LAN. How can I accomplish this? Thanks in advance.
7 REPLIES 7

PARTHIBAN_CHINN
Contributor
Here is the guide for basic controller configuration

https://www.dropbox.com/s/4kb5p5rl1ycxakl/SVC%20Tech%20Implementation%20Guide%20WM3000%20Series%20SW...
use this as a reference.

PARTHIBAN_CHINN
Contributor

b5554cb4e8164599bccd581e727e9293_RackMultipart20150116-1890-fzm0wt-wireless_inline.png


Note:Assumed L2 switch is a POe enabled switch.

I assume your default gateway is wireless controller and routing is done in controller
1.Assign ip address to controller
2.Create a wlan and map the ssid to the vlan.
Note:bridge mode "local" and bridge mode "tunnel" are two options.
3.map the required secuirty setting in the wlan. [wep,wpa2 etc]
4.Map the wlan to the radios.[wlan mapping]
This will get your wireless network up and running.
with static ip to clients.
now if needed you can use wireless controller as DHCP server or use and external dhcp server
for wireless clients
Gui is the easiest way to configure the controller.

Once the above steps are followed implemented and tested.

Add acl in controller to block specific subnets so that wireless subnets can access only internet.
below is the syntax.reference guide and user guides are available.

http://extrcdn.extremenetworks.com/wp-content/uploads/2014/01/WM3000CLIReferenceGuide_5.2.pdf

deny ip [|any|host ] [|any|host]
[log rule-precedence <1-5000>|rule-precedence <1-5000>]
{rule-description }

Hope this throws some light for your requirement.

CHRLX-ENG
New Contributor
Parthiban... I appreciate your reply, but it is very vague. How can I accomplish what you are recommending? Thank you.

CHRLX-ENG
New Contributor
Daniel... The router is on a different VLAN and therefore cannot be used as a default gateway. Thanks.

GTM-P2G8KFN