Dedicated DHCP Address

We have been "told" to setup a "client" Wireless Access point so visitors can be given  the  "password" and have internet access when in the office.

We have attached a Netgear WN802T to the network which people can connect to without any problems.

The problem,

When a visitor connects they are givern a IP address from the companies DHCP servers.  These
address do not have internet access as we use a proxy server and only certain IP's have external firewalls access. I need a way of ensuring the Access Point gives out a certain range of IP's via DHCP that can be allowed direst internet access.

Thankyou in advance

SGPITAsked:
Who is Participating?

Improve company productivity with a Business Account.Sign Up

x
 
dhoffman_98Connect With a Mentor Commented:
Rindi,

I think more than enough sufficient information was provided to mark this as a force accept instead of abandoned.
0
 
dhoffman_98Commented:
You should be able to set up your wireless access point with NAT. That's Network Address Translation. Most current access points have this capability and will have their own internal DHCP server. You can have this server give out addresses on a private subnet just to be used for your wireless users that connect to that access point. Then all traffic coming from that access point to your companies network would appear to be coming from the same IP Address, but the NAT router in the Access Point keep control of making sure that the right information is returned to the right session.

If all of the traffic appears to be coming from the one IP Address, then it's easy enough on your network to create a rule that allows that one address to get through to the Internet.

In this configuration, you would assign the AP a specific address that you would configure on the company firewall to allow access. Then enable the NAT configuration on the AP, and assign a new range of addresses on the AP's DHCP server to assign only to wireless clients.
0
 
SGPITAuthor Commented:
"You should be able to set up your wireless access point with NAT"

Not on the WN802T, its purely a "access point only" (as I understand).

2will have their own internal DHCP server"

No internal DHCP Server, hence the problem.  It passes the requests to the internal DHCP Servers without a problem but "unless I know" the visitors mac address then they fail to get internat access.



0
Worried about phishing attacks?

90% of attacks start with a phish. It’s critical that IT admins and MSSPs have the right security in place to protect their end users from these phishing attacks. Check out our latest feature brief for tips and tricks to keep your employees off a hackers line!

 
dhoffman_98Commented:
Then I'm sorry. You might want to go back to the people that gave you those requirements and ask them to pay another 40-50 dollars for an access point that can do NAT translations.
0
 
wally2k7Commented:
Can you not connect the access point to the outside world directly, I assume all they need is the internet not internal lan connection. That would still pose a problem on the DNCP side however. A wireless router to replace your current access point. Bypass the network completely and connect straight into your external internet connection. That should do the triclk, ?? :-S maybe.

Am I going anywhere near the right direction??

Regards, Rich
0
 
SGPITAuthor Commented:
"Can you not connect the access point to the outside world directly, I assume all they need is the internet not internal lan connection. "

The access point are used for internal and external access.  Depending on their assigned IP the firewall then allows/dis-allows internet access.

Is there a "cost effective" acces spoint that has "inbuilt" dhcp.

Thankyou
0
 
dhoffman_98Commented:
"Is there a "cost effective" acces spoint that has "inbuilt" dhcp"

Yes... very cost effective. Check out Linksys, Dlink, Motorola...
I have a few Linksys BEFSR41's. They have a 4 port switch as well as the wireless connectivity. One port is used for connecting to your LAN. Then the router provides Network Address Translation (NAT) and built-in DHCP. The addresses given out are on their own private subnet (192.168.1.x) and the gateway and DNS information are automatically sent to the clients. The LAN side can be set static, so your firewall configuration can be set up so that clients that come from that source address automatically get the proper access to the Internet.

The BEFSR41 is only 802.11b, so it only supports 11Mbits. I wouldn't suggest that to anyone now. Instead check out the WRT54G which is 802.11g. Here's some information I copied from the product info page at Best Buy (where the unit costs only $69.99).

Product Features:
- Wireless-G networking (54g) allows stepped-up data transfer speeds while maintaining worry-free compatibility with 802.11b networks
- Up to 54 Mbps data transfer rates — almost 5 times more than typical 802.11b rates
- 2.4GHz wireless frequency (802.11g- and 802.11b-compliant)
- Compatible with 802.11b networks (at 11 Mbps)
- Share high-speed broadband Internet access plus files and printers among multiple computers, with or without wires
- Built-in 4-port 10/100 Ethernet switch with auto speed sensing
- Capable of up to 128-bit WEP (Wired Equivalent Privacy) encryption
- Advanced security with NAT technology, VPN pass-through and MAC or IP address filtering
- Ability to act as DHCP (Dynamic Host Configuration Protocol) server for existing network (a new computer can be added to network without manually assigning it a unique IP address)
- Easy browser-based configuration utility


0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.