Configuring Access Guardian Using Guest Tunneling
OmniSwitch AOS Release 8 Network Configuration Guide December 2017 page 28-90
Guest Tunneling Configuration Example
All traffic identified as guest at the edge switch is tunneled through an L2 GRE tunnel to the Guest Tunnel
Termination Switch (GTTS). When the traffic reaches the GTTS, the GRE encapsulation information is
removed and the traffic is then forwarded through the Guest VLAN to the Internet. Access to all the
network resources, such as DHCP and DNS, is also provided through the guest tunnel for the guest traffic.
The L2 GRE tunnel originates from the edge switch and terminates at a single GTTS.
The following diagram provides an example of a Guest Tunneling configuration:
OmniSwitch Guest Tunneling Configuration Example
In this configuration example:
• A UNP Guest profile is configured on Edge Switch-1 and Edge Switch-2. The Guest profile is mapped
to an L2 GRE tunnel service.
• Traffic from the Guest-1 and Guest-2 devices is classified into the UNP Guest profile, encapsulated,
and then tunneled through the L2 GRE tunnel to GTTS-1.
Internet
Guest-2Employee-2
RADIUS/BYOD Server
DHCP/DNS/ADS Server
Employee-1
IP Router Switch
Edge Switch-1 Edge Switch-2
Guest-1
GTTS-1
Loopback0 IP 20.0.0.1 Loopback0 IP 10.0.0.1
10.0.0.2 20.0.0.3
30.0.0.1
1/1/21/1/1
1/1/3
1/1/1 1/1/2
1/1/1
1/1/2
1/1/3
1/1/3
1/1/1
SAP 1/1/2:50
1/1/3
Loopback0 IP 30.0.0.2
VLAN 50
1/1/4
VLAN 50
LAN
L
2
G
R
E
T
u
n
n
e
l
L
2
G
R
E
T
u
n
n
e
l
To Next Page
Loading...
