Improve company productivity with a Business Account.Sign Up

x
?
Solved

Creating a VLAn for open wireless connectivity

Posted on 2011-03-17
3
Medium Priority
?
559 Views
Last Modified: 2013-12-27
I work in a law firm and we currently have the wireless locked down. I would like to create a open connection using the same wireless access points that are already in place. I am using Netgear ProSafe WG102 access points and a Cisco ASA 5505 router. Is the easiest and best thing to do in this situation to vreate a VLAN and let the open security connection use the new VLAN?

I have a Cisco guy that can configure the new VLAN on the router but after that I get kind of lost on how to go about setting everything up. I am very new to VLAN's but would appreciate any information you could provide. The WAP's do support VLANS and also have the option to Enable 802.1Q VLAN

Below is a screen shot of the WAP setup just to show you the options.

No. Profile Name SSID Security VLAN Status
1 NETGEAR COMPANYNAME WPA/WPA2 - PSK 1 Enable
2 NETGEAR1 NETGEAR - 1 None 2 Disable
3 NETGEAR2 NETGEAR - 2 None 3 Disable
4 NETGEAR3 NETGEAR - 3 None 4 Disable
5 NETGEAR4 NETGEAR - 4 None 5 Disable
6 NETGEAR5 NETGEAR - 5 None 6 Disable
7 NETGEAR6 NETGEAR - 6 None 7 Disable
8 NETGEAR7 NETGEAR - 7 None 8 Disable
0
Comment
Question by:jseadrew
  • 2
3 Comments
 
LVL 4

Expert Comment

by:Jerry Mills
ID: 35157851
I would create a VLAN on the ASA 5505 and connect the open connection to it.  You must create ACL's to control traffic to keep it off your office lan.  

I am assuming you only wish to let visitors have an internet access point.  I correct - consider connecting to the PUBLIC side directly with a wireless router if you have an available IP address.
0
 

Author Comment

by:jseadrew
ID: 35157891
Yes, only visitors would use the open connection.
So once the VLAN is setup in the Cisco you would suggest getting a seperate wireless router and configure it for open access? I do have an external address I coud use.
0
 
LVL 4

Accepted Solution

by:
Jerry Mills earned 2000 total points
ID: 35157944
I would suggest not using the ASA 5505.  Put an inexpensive switch in front of the ASA 5505 - reconnect the 5505 and then connect your wireless router to the switch and use the public address - bypassing the ASA all together.    Total security and you don't need to mess with the ASA 5505.
0

Featured Post

NEW Internet Security Report Now Available!

WatchGuard’s Threat Lab is a group of dedicated threat researchers committed to helping you stay ahead of the bad guys by providing in-depth analysis of the top security threats to your network.  Check out this quarters report on the threats that shook the industry in Q4 2017.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

LinkedIn blogging is great for networking, building up an audience, and expanding your influence as well. However, if you want to achieve these results, you need to work really hard to make your post worth liking and sharing. Here are 4 tips that ca…
Have a Cisco router that you forgot the password or maybe you bought a used router that is locked with a password? This article will guide you through the steps on how to recover the password on your Cisco gear.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
There's a multitude of different network monitoring solutions out there, and you're probably wondering what makes NetCrunch so special. It's completely agentless, but does let you create an agent, if you desire. It offers powerful scalability …

607 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question