Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 556
  • Last Modified:

Creating a VLAn for open wireless connectivity

I work in a law firm and we currently have the wireless locked down. I would like to create a open connection using the same wireless access points that are already in place. I am using Netgear ProSafe WG102 access points and a Cisco ASA 5505 router. Is the easiest and best thing to do in this situation to vreate a VLAN and let the open security connection use the new VLAN?

I have a Cisco guy that can configure the new VLAN on the router but after that I get kind of lost on how to go about setting everything up. I am very new to VLAN's but would appreciate any information you could provide. The WAP's do support VLANS and also have the option to Enable 802.1Q VLAN

Below is a screen shot of the WAP setup just to show you the options.

No. Profile Name SSID Security VLAN Status
1 NETGEAR COMPANYNAME WPA/WPA2 - PSK 1 Enable
2 NETGEAR1 NETGEAR - 1 None 2 Disable
3 NETGEAR2 NETGEAR - 2 None 3 Disable
4 NETGEAR3 NETGEAR - 3 None 4 Disable
5 NETGEAR4 NETGEAR - 4 None 5 Disable
6 NETGEAR5 NETGEAR - 5 None 6 Disable
7 NETGEAR6 NETGEAR - 6 None 7 Disable
8 NETGEAR7 NETGEAR - 7 None 8 Disable
0
jseadrew
Asked:
jseadrew
  • 2
1 Solution
 
Jerry MillsCommented:
I would create a VLAN on the ASA 5505 and connect the open connection to it.  You must create ACL's to control traffic to keep it off your office lan.  

I am assuming you only wish to let visitors have an internet access point.  I correct - consider connecting to the PUBLIC side directly with a wireless router if you have an available IP address.
0
 
jseadrewAuthor Commented:
Yes, only visitors would use the open connection.
So once the VLAN is setup in the Cisco you would suggest getting a seperate wireless router and configure it for open access? I do have an external address I coud use.
0
 
Jerry MillsCommented:
I would suggest not using the ASA 5505.  Put an inexpensive switch in front of the ASA 5505 - reconnect the 5505 and then connect your wireless router to the switch and use the public address - bypassing the ASA all together.    Total security and you don't need to mess with the ASA 5505.
0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now