HPE Community
M and MSM Series
1753797 Members
7039 Online
108799 Solutions
New Discussion

MSM 765zl + Guest Wifi design questions.

 
Seth_Hoffman
New Member

‎04-17-2014 08:52 AM - edited ‎04-17-2014 08:53 AM

‎04-17-2014 08:52 AM - edited ‎04-17-2014 08:53 AM

MSM 765zl + Guest Wifi design questions.

I recently purchased all new Procurve networking equipment to do a house wide refresh for the hospital I work for.

 

I'm working on setting up a guest wifi service for our patients.

 

I have a 5406zl with a 765zl Mobility Controller. I've done basic VLAN configs for our VoIP phones. However, I'm having some trouble wrapping my mind around the guest wifi VLAN configuration.

 

This is what I want to accomplish:

 

- Two SSIDs (VSC) one for our main network and one for our guest network.

 

- When a client connects to the main VSC they are given a DHCP address from our main DHCP server and are directed directly to their destination, not going through the 765zl controller.

 

-When a client connects to the guest VSC they are given a DHCP address from the 765zl controller and access control is applied via HTML login. Then the traffic would be egressed out on VLAN 20 to our Dell Sonicwall "guest ports" onto the Internet.

 

-Leverage QoS at the 765zl controller for the guest network to provide only a portion of our 50Mb ISP connection (if this is even possible). We will handle content filtering at the Sonicwall.

 

I have a couple questions around this:

 

- Does the port that the AP is plugged into on our switch(s) need to have both VLAN u1 and t20, or does the AP create a tunnel back to the controller inherently regardless of VLAN?

 

- What is the reason/benefit of using the logical WAN port (F1) on the controller?

 

- Is there a way to present an HTML page via access control but remove the requirement to login? Ideally I'd like the guest clients to just connect to the open guest network, view a page to accept the ToS, and then continue onto their requested website without having to login.

 

- How should the tagging be configured for the guest VLAN 20 internal to the controller to enable this design?

 

Thank you for any information you can offer. I think I'm close to understanding how this process works, but I would like a second opinion.

 

-Seth

 

 

 

 

 

 

 

 

 

 

 

0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.