Is there a way to limit network users to just our wifi so they can't use any public open wifi?

Hi everyone, I work at a school and have Microsoft Server 2003, Watchguard Firebox firewall, Cisco 2821 router, Cisco 3560 switches and Cisco 1240AG WAPS. We have Dell D630's with Intel ProSet Wireless. I decided to use Microsofts Zero instead of the ProSet software for ease of use. Anyways there is a bar down the street that has open wifi and the students get on it to bypass my filter. After the first student does that then the wireless defaults to that wifi network instead of ours and the rest of the students that use that computer cannot log in to our domain. I've heard Cisco has something to knock down other wifi signals etc but it's expensive and was hoping maybe there was a setting or policy I can enforce on the computers locally or through AD to solve my dilema. I thought I was out of school but teachers and principals are still driving me crazy!

Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

If they are only using your terminals of course you can lock them down.  If they are using laptops etc that they own, then of course they will be able to connect to the bar.  

I would go about it in a few ways.  

First, read this:
(Lots of great information if your an admin, especially the rogue WAP section)

And this:

In the wireless config "advanced" set the preferences to "only connect to infrastructure"
Disable the "automatically connect to non-preferred networks"
Make sure that your AP is the only one listed

Lock this down in the GPO so it may not be changed.  You can even disable the icon in the taskbar.

Lastly, you can tell the bar what is happening, they might be able to lock their wifi and only give the passkey to customers.  I dont think they would like students leeching their interwebz.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
BlueChip83Author Commented:
Thanks, I'll try to change to the config and hide the icon then I'll let you know. Also, I've already talked to the bar and they didn't do anything after they told me they would. It was a while ago so I might have to stop by and actually buy a drink this time.
Through group policy you can setup wireless network settings and select the option ' Only connect to preferred networks'. This will only allow clients to connect to networks that are predefined by you.
BlueChip83Author Commented:
Thanks guys, so far so good. I used the GPO Wireless extension in GPMC and got most of the setting set in there.

It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Smartphone Programming

From novice to tech pro — start learning today.