What is an Ethernet over IP (EoIP) tunnel to the unsecured network area?
A. Cisco recommends the use of a controller dedicated to guest traffic. This controller is known as the guest anchor controller. The guest anchor controller is usually located in an unsecured network area, often called the demilitarized zone (DMZ). Other internal WLAN controllers from where the traffic originates are located in the enterprise LAN. An EoIP tunnel is established between the internal WLAN controllers and the guest anchor controller in order to ensure path isolation of guest traffic from enterprise data traffic. Path isolation is a critical security management feature for guest access. It ensures that security and quality of service (QoS) policies can be separate, and are differentiated between guest traffic and corporate or internal traffic. An important feature of the Cisco Unified Wireless Network architecture is the ability to use an EoIP tunnel to statically map one or more provisioned WLANs (that is, SSIDs) to a specific guest anchor controller within the network. Al
Related Questions
- In guest tunneling, how many Ethernet over IP (EoIP) tunnels can be formed between a single anchor WLC to different internal WLCs?
- Can I create Ethernet over IP (EoIP) tunnels between controllers that run different software versions?
- How many Ethernet over IP (EoIP) tunnels can be terminated on a guest anchor controller?
