Solved

Creating a VLAn for open wireless connectivity

Posted on 2011-03-17
3
542 Views
Last Modified: 2013-12-27
I work in a law firm and we currently have the wireless locked down. I would like to create a open connection using the same wireless access points that are already in place. I am using Netgear ProSafe WG102 access points and a Cisco ASA 5505 router. Is the easiest and best thing to do in this situation to vreate a VLAN and let the open security connection use the new VLAN?

I have a Cisco guy that can configure the new VLAN on the router but after that I get kind of lost on how to go about setting everything up. I am very new to VLAN's but would appreciate any information you could provide. The WAP's do support VLANS and also have the option to Enable 802.1Q VLAN

Below is a screen shot of the WAP setup just to show you the options.

No. Profile Name SSID Security VLAN Status
1 NETGEAR COMPANYNAME WPA/WPA2 - PSK 1 Enable
2 NETGEAR1 NETGEAR - 1 None 2 Disable
3 NETGEAR2 NETGEAR - 2 None 3 Disable
4 NETGEAR3 NETGEAR - 3 None 4 Disable
5 NETGEAR4 NETGEAR - 4 None 5 Disable
6 NETGEAR5 NETGEAR - 5 None 6 Disable
7 NETGEAR6 NETGEAR - 6 None 7 Disable
8 NETGEAR7 NETGEAR - 7 None 8 Disable
0
Comment
Question by:jseadrew
  • 2
3 Comments
 
LVL 4

Expert Comment

by:Jerry Mills
ID: 35157851
I would create a VLAN on the ASA 5505 and connect the open connection to it.  You must create ACL's to control traffic to keep it off your office lan.  

I am assuming you only wish to let visitors have an internet access point.  I correct - consider connecting to the PUBLIC side directly with a wireless router if you have an available IP address.
0
 

Author Comment

by:jseadrew
ID: 35157891
Yes, only visitors would use the open connection.
So once the VLAN is setup in the Cisco you would suggest getting a seperate wireless router and configure it for open access? I do have an external address I coud use.
0
 
LVL 4

Accepted Solution

by:
Jerry Mills earned 500 total points
ID: 35157944
I would suggest not using the ASA 5505.  Put an inexpensive switch in front of the ASA 5505 - reconnect the 5505 and then connect your wireless router to the switch and use the public address - bypassing the ASA all together.    Total security and you don't need to mess with the ASA 5505.
0

Featured Post

Network it in WD Red

There's an industry-leading WD Red drive for every compatible NAS system to help fulfill your data storage needs. With drives up to 8TB, WD Red offers a wide array of solutions for customers looking to build the biggest, best-performing NAS storage solution.  

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Even if you have implemented a Mobile Device Management solution company wide, it is a good idea to make sure you are taking into account all of the major risks to your electronic protected health information (ePHI).
When it comes to security, there are always trade-offs between security and convenience/ease of administration. This article examines some of the main pros and cons of using key authentication vs password authentication for hosting an SFTP server.
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…

919 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now