Tunnel traffic to an alternative ISP SZ100

  • 1
  • Question
  • Updated 6 days ago
  • Answered
  • (Edited)
Hi. 

Sorry for asking a question that might have been discussed on another forum but if someone can assist that will be great. 

We have a client that have a SZ 100 onsite with APs connecting to the SZ trough a L3 network. 

They have 2 service providers, 1 for the corp network and 1 for guest access. The corp network get offloaded from the AP to a local switch/router. 

is it possible to tunnel the traffic from the AP to SZ and then either break out on the 2nd service provider or hand off to a Mikrotik router?

if yes is there anyone that can guide me trough this. been playing around with the GRE and Soft GRE tunnels but not winning 

thanks 
Photo of Jaco Heever

Jaco Heever

  • 3 Posts
  • 0 Reply Likes

Posted 2 months ago

  • 1
Photo of Michael Brado

Michael Brado, Official Rep

  • 3069 Posts
  • 442 Reply Likes
Yes, you should be able to tunnel your Guest Network WLAN back to the SZ controller, and VLAN it off to either ISP, versus local break out (LBO) and drop client traffic for the corp net at the AP switchports.
The SZ-100 has built in Dataplane, so just configure Tunneling under your Guest Access WLAN advanced options.  We use RGE by default, no 3rd party equip required.
(Edited)
Photo of Jaco Heever

Jaco Heever

  • 3 Posts
  • 0 Reply Likes
thank michael, 
Photo of Jaco Heever

Jaco Heever

  • 3 Posts
  • 0 Reply Likes
Can you maybe advise how to config the SZ100 physical port/vlan to hand off traffic? I could create the gre and ssid to use the gre but cant get the guest traffic to offload on second isp breakout on the sz100
Photo of Robert Lowe

Robert Lowe

  • 224 Posts
  • 53 Reply Likes
In the WLAN go to config, then advanced and enter a VLAN other than 1 for the guest traffic. Then at the existing controller LAN switch port, make the guest VLAN a 'tagged' VLAN or a trunk allowed VLAN depending on the switch manufacturer you are using
Photo of Robert Lowe

Robert Lowe

  • 224 Posts
  • 53 Reply Likes
Thats assuming you have already ticked the 'Tunnel this SSID to the controller' check box