Solved

HOW TO: Force users to login via their browser when connecting to our unsecure wireless network

Posted on 2009-04-07
4
328 Views
Last Modified: 2012-05-06
Hello,

When users connect to our unsecure wireless network I want them to be forced to login via their web browser before they can access the network.

I have servers running Windows Server 2003, Windows Server 2008, and Ubuntu Server. I would prefer to set this up on Windows Server 2008.

Do you know how I would do this or know of any documents to assist me?

Thanks!

Drew
0
Comment
Question by:drew17
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
4 Comments
 
LVL 7

Accepted Solution

by:
EmpKent earned 250 total points
ID: 24092254
Drew,

I would put a proxy server in front of the gateway and you could force users to login there or configure it to authenticate against LDAP, Domain, etc.

ISA Server is one option for the MS servers. Squid is an open source proxy for your Linux box.

Thanks,

Kent
0
 
LVL 12

Assisted Solution

by:coredatarecovery
coredatarecovery earned 250 total points
ID: 24127639
This leaves a HUGE security hole in that you are only restricting web traffic with this.
someone can just connect and start transferring files with this method.

You should run either encrypted tcp/ip with certificate authentication to obtain an ip address or
run WPA2 and only assign IP Addresses who's mac addresses are in the allowed to connect policies.

0
 
LVL 7

Assisted Solution

by:EmpKent
EmpKent earned 250 total points
ID: 24129580
Coredata,

If you leave a default route on the router and do not use ACLs, you have security issues whether you use a proxy or not.

It is quite easy to restrict all outbound traffic to the proxy only.

Thanks,

Kent
0
 
LVL 12

Assisted Solution

by:coredatarecovery
coredatarecovery earned 250 total points
ID: 24129816
Absolutely correct,
Not to mention the fact that you can passively read all of the data packets without being assigned an IP address on the network.
0

Featured Post

Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this article I will describe how to setup a Cisco WLC 5508 to work with Apple's Bonjour protocol across VLANs.  I will also discuss using screen mirroring and Airplay on an AppleTV v3.  This article covers the wireless network only and requires m…
This subject  of securing wireless devices conjures up visions of your PC or mobile phone connecting to the Internet through some hotspot at Starbucks. But it is so much more than that. Let’s look at the facts: devices#sthash.eoFY7dic.
This Micro Tutorial will show you how to maximize your wireless card to its maximum capability. This will be demonstrated using Intel(R) Centrino(R) Wireless-N 2230 wireless card on Windows 8 operating system.
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…

695 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question