Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 234
  • Last Modified:

802.11g security question

Hello!
I want to setup a wireless access point in my company. It should provide wireless Internet access for guests but can also be used by employees for network and Internet access.

What options are there for providing wireless Interness access to guests with as little hassle as possible while maintaining network security?

What should I read to get up to speed on wireless security issues?
0
rj2
Asked:
rj2
4 Solutions
 
stevenlewisCommented:
http://www.drizzle.com/~aboba/IEEE/
best practice is to have good basic netowork security (shares protected, etc). It will be a trade off of security and guest access, at best
0
 
MarakushCommented:
rj2,

I suggest that you setup 2 wireless access points. One that is a stright pipe to the net with like 5 IP addresses issued via DHCP. If you don't use WEP on it (Its a pain to configure guests laptops in a conf room each time) unplug it when you don't have anyone visiting. When you know there is a meeting with outside ppl, plug it in, wait 30 seconds and your off.

Set the second router up and have strong encryption enabled, and configure each laptop / workstations with the proper keys, keep this on for internal use.

Marakush
0
 
jeopboyCommented:
Accidentally sent my message while I was still editing!!!  ARRGGH!

For best network security, buy 2 access points.  Set the first up on your internal network using the highest security the AP will support (at least turn off broadcast SSID and turn on WEP).  You can then use this info for employees to access the internal network and get to the internet the same way they are doing today.  For maximum security here, read about implementing WPA using a RADIUS server so that only people with network logins can use the access point.

Set the second Access Point up outside your firewall/proxy server with broadcast SSID and no WEP.  This will allow ANYONE to use your internet connection.  Downside is that ANYONE can use your internet connection.

For better protection, add WEP and share the WEP key with your authorized guests or add MAC address security on the access point.  Downside is that you have to be involved in each guest's setup.  You could also use WPA and RADIUS here with a "guest" account that you share with your authorized guests.

Sorry for the disjointed message earlier.

0
NFR key for Veeam Agent for Linux

Veeam is happy to provide a free NFR license for one year.  It allows for the non‑production use and valid for five workstations and two servers. Veeam Agent for Linux is a simple backup tool for your Linux installations, both on‑premises and in the public cloud.

 
MarakushCommented:
jeopboy ,

ROFL I beat ya by 2 mins with the same answer hehehe...

Marakush
0
 
jeopboyCommented:
The real bummer is that I had the answer about 5 minutes earlier and hit the submit button too early. (TAB-TAB-Enter oops!)

Ah, well - that's life in the fat-fingered lane! ;-)

Have a great day.
0
 
MarakushCommented:
hehehe Yep, happens to me all the time....

<TAB> <TAB> <RETURN> <YEll DAMN IT> hehehe

Marakush
0
 
rindiCommented:
Setup a VPN between the AP and the LAN (make sure it is on a separate subnet). Users connecting via wireless to the lan will need to start VPN client on their laptop, making communication between laptop and lan secure. The guests on the other hand can connect only to the inet.
0

Featured Post

New Tabletop Appliances Blow Competitors Away!

WatchGuard’s new T15, T35 and T55 tabletop UTMs provide the highest-performing security inspection in their class, allowing users at small offices, home offices and distributed enterprises to experience blazing-fast Internet speeds without sacrificing enterprise-grade security.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now