How to give temporary or occasional access to guests on office wi-fi network.

Posted on 2007-03-27
Last Modified: 2013-11-12
I would like to know the best way to handle a change on an office network for a school. Currently there are a number of wireless clients (approx 30 laptops) throught the school buildings. There are a total of 4 wi-fi access points to provide complete coverage. The same non-broadcast SSID is used everywhere along with the same WEP key.
I would like to open up access occasionally for visitors/guests to access the internet (no need for domain access). What is the best way to do this with no interruption of the existing connections but without giving out the permanent WEP key. Also, for ease of use I thought about temporarily broadcasting the SSID when the need arises.
The other though I had was to purchase an additional AP just to use for this purpose, but if there is a good way to do it using our existing hardware that would be preferred.

Question by:jmolhava
  • 2
  • 2

Accepted Solution

mattyfonz earned 500 total points
ID: 18804895
you could create a guest account with specified login hours to restrict public wireless activity.
i would personally get another AP and configure it to broadcast a different SSID specifically for public access so that when guests login and download they dont saturate the teachers wireless network. some AP actually have the option to enable/disable wireless at specific times to can also configure that to match your guest accounts login restriction hours as well.

are you using RADIUS  to authenticate your wireless clients?

Author Comment

ID: 18804988
We are not using RADIUS.

The only drawback to using a separate wireless AP is that it cannot cover the whole campus. Most of the time it will be OK because the main need will be in the office area but it will be a limit without buying a few AP's.

If there is any way to do it with our existing network that would be great.

I am not an expert with wireless networking so I don not know if this is just dreaming, but it would be great if we could have a wireless network that would allow internet only access on a subnet for non-domain users.

Expert Comment

ID: 18805252
hmmm i think it is quite difficult to setup what you want without using RADIUS.
if you use the existing wireless you would have to give public users the wep key to connect to the wireless. this should give them access to the internet, if they attempted to connect to any network resources they would be prompted for a user name and password if your security is configured appropriately. the problem with this is that once you give them the wep key, they can connect at any time they wanted which creates a bit of a security concern (not to mention your using WEP instead of WPA). as i mentioned before, if you do use the existing wireless and a public user is downloading extensively off the internet, transferring large files over the wireless etc. all other users connected to the same AP will slow down to a crawl.

Maybe you should looking into setting up RADIUS for your wireless authentication, that way you can create a public user account that you can configure to only be enabled at certain times, have auditing etc.

I cant think of any other conventional admin friendly ways to do what you want other than changing the wep key every time you give it out to a public user. which would be a hassle to say the least. and on second thought, you mentioned that you were in a school. having an open public access point would be pretty risky in my opinion..


Author Comment

ID: 18885130
Sorry for not responding sooner...

I think that your first suggestion of using another AP with its own SSID and subnet is the best solution for us without setting up RADIUS or buying some more expensive AP's.


Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
home router to use as repeater  (signal extender) 10 33
Best Access Point Device 25 72
Unifi AP 4 85
How do I connect a Canon WFT to a computer running Windows 7? 4 36
This article is split into background info to start and actual review at bottom: Some time ago I wanted to sell a system with both wired and wireless capability but at minimum expense.  Having visited my trusted online auction I was pleasantly su…
In the modern office, employees tend to move around the workplace a lot more freely. Conferences, collaborative groups, flexible seating and working from home require a new level of mobility. Technology has not only changed the behavior and the expe…
This Micro Tutorial will show you how to maximize your wireless card to its maximum capability. This will be demonstrated using Intel(R) Centrino(R) Wireless-N 2230 wireless card on Windows 8 operating system.
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…

809 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question