Solved

Guest Network help

Posted on 2011-03-15
6
497 Views
Last Modified: 2012-05-11
I have a cisco network that has a number of different Vlans.  Once of those vlans is for my guest wireless network.  It is a simple setup where if someone connects to the guest ssid, they are put on a different vlan that just goes out to a Linksys router connected to it's own dedicated
internet connection with full access.

Problem is, my employees are now connecting to guest with the business machines and using it to gain access to sites that are restricted on the business vlan.

so, I want to do something like they do at hotels where if you connect to the guest ssid, a website splash screen will come up prompting you for a code.  The code would be issued by IT with an expiration date.  They enter in the code, agree to terms and conditions and then have access as long as the code is valid.

Can anyone suggest such a hardware based device that can handle this?  Nothing too expensive or complicated.  My budget is no more than $1000 if possible.

Thanks

0
Comment
Question by:TheMetalicOne
6 Comments
 
LVL 5

Expert Comment

by:KGNickl
ID: 35141746
Try to google "captive wireless portal".

Depending on the number of guest you have you could just have no wireless password and setup the router so only authorized MAC addresses can access anything after connected.

When the guest arrives you add the computer(s) MAC address to the authorized MAC address list in the router. You record on a spreadsheet the Guest Name, MAC address, date activated,  date it should be removed, and contact information for the employee responsible for the guest. You could even set up a calendar reminder to delete a specific MAC address or just do it once a week or something.
0
 
LVL 6

Expert Comment

by:Dangle79
ID: 35141814
we have a similar problem, only difference being that my users have to go through a proxy server for internet, however they connect to our public SSID and suddenly none of their applications work because they're on the wrong VLAN.

best solution i've come up with is to load the manufacturer's wireless utility and lock down what SSIDs the clients can connect to. easier if you've got Vista clients or better but can't do it via AD group policy for XP machines.
0
 
LVL 9

Expert Comment

by:djpazza
ID: 35141900
Take a look at squid proxy it's free. I'm sure you can lock out people's access based on ntlm authentication.

http://www.squid-cache.org/Intro/
0
How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

 
LVL 13

Expert Comment

by:kdearing
ID: 35142549
I've used IP3 Networks equipment in the past, but I'm not sure the company is still around.
0
 
LVL 45

Accepted Solution

by:
Craig Beck earned 500 total points
ID: 35143219
Buy a Zyxel N4100 - its a hotspot router.  Just plug it in, configure a couple of policies and away you go.
0
 
LVL 5

Author Closing Comment

by:TheMetalicOne
ID: 35149045
Perfect, thank you.
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

The Cisco RV042 router is a popular small network interfacing device that is often used as an internet gateway. Network administrators need to get at the management interface to make settings, change passwords, etc. This access is generally done usi…
Getting hacked is no longer a matter or "if you get hacked" — the 2016 cyber threat landscape is now titled "when you get hacked." When it happens — will you be proactive, or reactive?
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now