Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Questions about Cisco Wireless setup.

Posted on 2008-06-17
3
Medium Priority
?
290 Views
Last Modified: 2013-11-09
Hello Experts,
We are implementing a wireless warehouse inventory scanning system and I would like to make it as secure as possible.
Network Infrastructure is Dell layer2 switches - one subnet.
Access Points are Cisco AP1242AG

1) I would like to restrict the wireless hand-held scanner devices to only certain LAN IP's, Is this possible? Example please.

2) I would like to allow laptops to connect to the same AP's but restrict them to only the Internet, Is this possible? Example please.

3) I would like to use the same SSID's on all AP's for the hand-held scanners as well as the laptop access with the same restrictions, Is this possible? Example please.

4) Recommendations?

Let me know if any more detail is needed.
Thanks
0
Comment
Question by:Starrett2005
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 5

Expert Comment

by:rslqld
ID: 21810015
1) Depending on number of hand-held devices, static DHCP leases may be your best bet. Assuming you have a central DHCP server or router, just add the leases there and configure each AP to perform DHCP pass-through via web interface or CLI.

2) Those Cisco APs have support for ACLs - create an ACL to permit IP traffic to your internal subnet, and the final entry in the ACL to deny all other destinations.

3) You can do this - any APs that have overlaping signal are best set 5 channels apart to prevent interference - e.g. AP1 is on channel 6 and is within range of AP2 so put AP2 on channel 11.
0
 

Author Comment

by:Starrett2005
ID: 21812153
1) I would like to restrict the wireless hand-held scanner devices to only certain LAN IP's, Is this possible? Example please.
A) Depending on number of hand-held devices, static DHCP leases may be your best bet. Assuming you have a central DHCP server or router, just add the leases there and configure each AP to perform DHCP pass-through via web interface or CLI.
Q) (15 devices)Would the restriction to the application server IP be done with ACL's as well?

2) I would like to allow laptops to connect to the same AP's but restrict them to only the Internet, Is this possible? Example please.
A) Those Cisco APs have support for ACLs - create an ACL to permit IP traffic to your internal subnet, and the final entry in the ACL to deny all other destinations.
Q) Do I need multiple VLANs for different restrictions on SSID's? And if so, do my network switches need to support VLAN trunking on the ports the Aironet are connected?

3) I would like to use the same SSID's on all AP's for the hand-held scanners as well as the laptop access with the same restrictions, Is this possible? Example please.
A) You can do this - any APs that have overlaping signal are best set 5 channels apart to prevent interference - e.g. AP1 is on channel 6 and is within range of AP2 so put AP2 on channel 11.
Q) Will this be OK if all Aironet AP's are configured as root? I'm hoping the same SSID will prevent an connection poblems when a device moves into range of another AP.
0
 

Accepted Solution

by:
Starrett2005 earned 0 total points
ID: 25308569
More research on my questions reveals that the Cisco wireless controller will provide better functinality than just using the WAP devices themselves. At this time we are not ready to purchase the controllers.
0

Featured Post

Connect further...control easier

With the ATEN CE624, you can now enjoy a high-quality visual experience powered by HDBaseT technology and the convenience of a single Cat6 cable to transmit uncompressed video with zero latency and multi-streaming for dual-view applications where remote access is required.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Last Mile Wireless The term last mile wireless is a bit deceptive as it can be much more than a mile. It is also called WiMax and 802.16. It generally refers to relatively short distance point-to-point / point-to-multipoint secure wireless connecti…
This article is split into background info to start and actual review at bottom: Some time ago I wanted to sell a system with both wired and wireless capability but at minimum expense.  Having visited my trusted online auction I was pleasantly su…
In this brief tutorial Pawel from AdRem Software explains how you can quickly find out which services are running on your network, or what are the IP addresses of servers responsible for each service. Software used is freeware NetCrunch Tools (https…
In response to a need for security and privacy, and to continue fostering an environment members can turn to for support, solutions, and education, Experts Exchange has created anonymous question capabilities. This new feature is available to our Pr…
Suggested Courses

688 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question