+ Post New Thread
Results 1 to 6 of 6
Wireless Networks Thread, Am I the only person using Cisco WLC ?? in Technical; hi newbie to posting.... I've been digging around for the solution on how to sort transparent proxy for BYOD on ...
  1. #1

    Join Date
    Mar 2007
    Location
    Winchester
    Posts
    5
    Thank Post
    0
    Thanked 0 Times in 0 Posts
    Rep Power
    0

    Am I the only person using Cisco WLC ??

    hi

    newbie to posting....

    I've been digging around for the solution on how to sort transparent proxy for BYOD on wireless, and info using cisco kit is - to say the least - sparse :-(

    have got guest wireless, using separate vlan/dhcp/port on LEA switch, using 5508 WLC, and ASA 5520 (DHCP, option for pac file which works for IE, but nothing else!) and want zero touch on as many devices as possible, just for internet access... I must be missing something obvious, at least I hope I am as I can't believe with this kit I can't configure this !

    tell me I'm not alone !!!

    cheers
    Anne :-)

  2. #2


    Join Date
    Dec 2005
    Location
    In the server room, with the lead pipe.
    Posts
    4,627
    Thank Post
    275
    Thanked 777 Times in 604 Posts
    Rep Power
    223
    You appear to have missed the "set the default gateway for BYOD devices to the proxy server's IP". Though this may/will break certain things, depending on your proxy rules.

    Most clients should be picking up the .pac file if it's constructed correctly (they may need to be set to something like "automatically detect proxy" (i.e if there's a .pac, use it, otherwise proceed as normal).

    We just handle it via the gateway flipping.

  3. #3

    Join Date
    Mar 2007
    Location
    Winchester
    Posts
    5
    Thank Post
    0
    Thanked 0 Times in 0 Posts
    Rep Power
    0
    hi
    the default gateway is the local ASA device (which is the DHCP server for that scope).

    The proxy I am using is at the LEA, so using URL for that, not IP address, I do have a local pac file on the rest of the college VLAN, but that isn't accessible from this guest WLAN VLAN. It is picked up fine by IE with 'automatically detect settings', but other devices (RIM/Andriod/iPhone) need the info to be put in manually, which is what I want to avoid...

    Excuse my ignorance, but what do you mean by gateway flipping ?

    thanks...

  4. #4


    Join Date
    Dec 2005
    Location
    In the server room, with the lead pipe.
    Posts
    4,627
    Thank Post
    275
    Thanked 777 Times in 604 Posts
    Rep Power
    223
    Quote Originally Posted by am_may View Post
    hi
    the default gateway is the local ASA device (which is the DHCP server for that scope).

    The proxy I am using is at the LEA, so using URL for that, not IP address, I do have a local pac file on the rest of the college VLAN, but that isn't accessible from this guest WLAN VLAN. It is picked up fine by IE with 'automatically detect settings', but other devices (RIM/Andriod/iPhone) need the info to be put in manually, which is what I want to avoid...

    Excuse my ignorance, but what do you mean by gateway flipping ?

    thanks...
    Sorry, I meant "rather than using the standard gateway (our usual edge router), we set the gateway to our (internal) proxy". We then handle validation / filtering policies based on the incoming device.

  5. #5

    Join Date
    Mar 2007
    Location
    Winchester
    Posts
    5
    Thank Post
    0
    Thanked 0 Times in 0 Posts
    Rep Power
    0
    so am I right in thinking then that I need something like TMG to handle that - the ASA (afaik) doesn't have that functionality, there's probably another cisco box that does :-(
    thanks :-)

  6. #6
    januttall's Avatar
    Join Date
    Sep 2010
    Posts
    225
    Thank Post
    17
    Thanked 28 Times in 28 Posts
    Blog Entries
    1
    Rep Power
    13
    We have a ubuntu box with 2 nic's, FireHol On it and squid and we set it to the Gateway in DHCP and set firehol to forward ports to squid wich throws them onto the correct proxy it is on its own network thats only used for wireless but it works great we dont have to do any fideling with setting proxys. and the data can get filterd as well if you put dans guardian on between the firehol and squid(this is what we have done). if you want any of the basic config ill be happy to help.
    Last edited by januttall; 1st March 2012 at 01:04 PM.

SHARE:
+ Post New Thread

Similar Threads

  1. Am I the Only Band-Geek?
    By HaleStorm in forum General Chat
    Replies: 34
    Last Post: 23rd May 2011, 10:35 AM
  2. VLEs in Norfolk - Fronter the only choice?
    By cheredenine in forum Virtual Learning Platforms
    Replies: 17
    Last Post: 7th July 2009, 10:18 PM
  3. Connect using CISCO VPN on pre-logon
    By FN-GM in forum How do you do....it?
    Replies: 1
    Last Post: 22nd May 2008, 08:21 PM
  4. Personal use of school laptops and tax
    By plexer in forum General Chat
    Replies: 22
    Last Post: 14th March 2008, 03:35 PM
  5. PC needed for Personal use - which suppliers?
    By Hoggy in forum Recommended Suppliers
    Replies: 34
    Last Post: 14th September 2007, 12:42 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •