Solved

HOW TO: Force users to login via their browser when connecting to our unsecure wireless network

Posted on 2009-04-07
4
322 Views
Last Modified: 2012-05-06
Hello,

When users connect to our unsecure wireless network I want them to be forced to login via their web browser before they can access the network.

I have servers running Windows Server 2003, Windows Server 2008, and Ubuntu Server. I would prefer to set this up on Windows Server 2008.

Do you know how I would do this or know of any documents to assist me?

Thanks!

Drew
0
Comment
Question by:drew17
  • 2
  • 2
4 Comments
 
LVL 7

Accepted Solution

by:
EmpKent earned 250 total points
ID: 24092254
Drew,

I would put a proxy server in front of the gateway and you could force users to login there or configure it to authenticate against LDAP, Domain, etc.

ISA Server is one option for the MS servers. Squid is an open source proxy for your Linux box.

Thanks,

Kent
0
 
LVL 12

Assisted Solution

by:coredatarecovery
coredatarecovery earned 250 total points
ID: 24127639
This leaves a HUGE security hole in that you are only restricting web traffic with this.
someone can just connect and start transferring files with this method.

You should run either encrypted tcp/ip with certificate authentication to obtain an ip address or
run WPA2 and only assign IP Addresses who's mac addresses are in the allowed to connect policies.

0
 
LVL 7

Assisted Solution

by:EmpKent
EmpKent earned 250 total points
ID: 24129580
Coredata,

If you leave a default route on the router and do not use ACLs, you have security issues whether you use a proxy or not.

It is quite easy to restrict all outbound traffic to the proxy only.

Thanks,

Kent
0
 
LVL 12

Assisted Solution

by:coredatarecovery
coredatarecovery earned 250 total points
ID: 24129816
Absolutely correct,
Not to mention the fact that you can passively read all of the data packets without being assigned an IP address on the network.
0

Featured Post

Maximize Your Threat Intelligence Reporting

Reporting is one of the most important and least talked about aspects of a world-class threat intelligence program. Here’s how to do it right.

Join & Write a Comment

Using in-flight Wi-Fi when you travel? Business travelers beware! In-flight Wi-Fi networks could rip the door right off your digital privacy portal. That’s no joke either, as it might also provide a convenient entrance for bad threat actors.
In the modern office, employees tend to move around the workplace a lot more freely. Conferences, collaborative groups, flexible seating and working from home require a new level of mobility. Technology has not only changed the behavior and the expe…
This Micro Tutorial will show you how to maximize your wireless card to its maximum capability. This will be demonstrated using Intel(R) Centrino(R) Wireless-N 2230 wireless card on Windows 8 operating system.
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now