Configuring Access Guardian Using Guest Tunneling
OmniSwitch AOS Release 8 Network Configuration Guide December 2017 page 28-83
Using Guest Tunneling
Guest Tunneling is a mechanism that is used to identify and isolate guest traffic from the rest of the
internal network traffic. The tunneling protocol used is Layer 2 Generic Routing Encapsulation (GRE). A
GRE tunnel is defined by configuring one end of the tunnel on an edge (access) switch and the other end
of the tunnel on a Guest Tunnel Termination Switch (GTTS).
• Traffic received on the edge switch is classified into a UNP guest profile that is mapped to a Layer 2
GRE tunnel. The guest traffic is then encapsulated and tunneled through the network to the GTTS.
• When the tunneled traffic reaches the GTTS, the GRE encapsulation is removed and the traffic is then
forwarded through a physical loopback port to a VLAN domain. At this point, the guest traffic can gain
access to a perimeter network and/or the Internet.
There are two scenarios in which guest traffic is identified and isolated:
• Device traffic received on a UNP bridge port is classified directly into a UNP Guest profile that is
assigned as the default profile for the UNP port. This occurs when Layer 2 authentication or
classification does not return a UNP assignment for the device. The UNP Guest profile is mapped to a
Layer 2 GRE tunnel through which the device traffic is tunneled to the GTTS.
• Device traffic received on a UNP bridge port is initially classified into a UNP VLAN profile.
Secondary authentication (such as Captive Portal or BYOD) then assigns the device traffic to the UNP
Guest profile that is mapped to a Layer 2 GRE tunnel through which the device traffic is tunneled to
the GTTS.
This section provides the following information regarding configuring and using the OmniSwitch Guest
Tunneling mechanism:
• “Configuration Overview and Guidelines” on page 28-84.
• “Quick Steps for Configuring Guest Tunneling” on page 28-88.
• “Guest Tunneling Configuration Example” on page 28-90.
To Next Page
Loading...
Need help?
General
