Trying to spin up a Guest Network at a remote office. We have a ASA5525X down to 2960Xs. Pretty basic.
Below is the ASA config I have in place
interface GigabitEthernet0/0
description INSIDE
no nameif
no security-level
no ip address
!
interface GigabitEthernet0/0.1
vlan 100
nameif inside
security-level 100
ip address 192.168.100.1 255.255.255.0
!
interface GigabitEthernet0/0.2
vlan 200
nameif Guest_WIFI
security-level 100
ip address 192.168.200.1 255.255.255.0
!
same-security-traffic permit inter-interface
same-security-traffic permit intra-interface
!
dhcprelay server 192.168.100.12 inside
dhcprelay enable Guest_WIFI
!
access-list acl_guest extended permit udp any4 object Domain_Controller eq bootps
access-list acl_guest extended permit udp any4 object Domain_Controller eq bootpc
access-list acl_guest extended permit IP any4 Domain_Controller (tried this as well just as a test)
!
access-list acl_inside extended permit ip object Domain_Controller object Guest_WIFI
!
The switches are setup with like
Vlan 100
ip address 192.168.100.5 255.255.255.0
!
Vlan 200
no ip address
!
Trunk port to the ASA
The Domain controller is setup with the scope Wondering if I am missing anything here. thanks in advance.
No comments:
Post a Comment