Solved

Wireless Network Priority

Posted on 2011-09-21
6
254 Views
Last Modified: 2013-12-27
How Can Iblock domain computers from connecting to non-approved networks if approved networks are available. Would like to exclude IT machines or logons from this restriction.
The goal is to avoid having users connect to our guest networks accidentally, which happens fairly often, but allow them to use their own wireless at home or on the road.
0
Comment
Question by:starre21
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
6 Comments
 
LVL 63

Expert Comment

by:btan
ID: 36591951
Using the WPAD for proxy but the enforcement may not be fullproof

http://myitforum.com/cs2/blogs/forefrontsecurity/archive/2011/03/16/how-to-use-your-corporate-proxy-when-you-are-connected-with-directaccess.aspx

But it suggested use of proxy gateway and an agent to be "enforcing" the client machine policy thru GPO (see below). Making sure user does not have admin right.

http://technet.microsoft.com/en-us/library/cc985352.aspx
0
 

Author Comment

by:starre21
ID: 36596452
How will prevet them from accessing the Guest Wireless network(which is open security) when the production wireless is in range, but still allow connection to any outside wireless network?
Would Different IP Scopes on the Wireless networks be a better option as most facilities are recieving their guest wireless via DSl while the production network is on MPLS?
0
 

Author Comment

by:starre21
ID: 36596454
or is there a way to deny access all together to certain SSIDs?
0
 
LVL 63

Accepted Solution

by:
btan earned 500 total points
ID: 36596641
There is domain GPO doing the blacklist and whitelist of ssid. it will not be all encompassing but minimally assure wireless to specific ap.

 http://www.grouppolicy.biz/2010/03/how-to-use-group-policy-to-blackwhite-list-wireless-networks-in-vista-windows-7/

the 802.1x is also another option but it is not possible for home user and more with enterprise infra or after vpn is established. to stop the initial wireless connection will not be 100% though

0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Ransomware is a malware that is again in the list of security  concerns. Not only for companies, but also for Government security and  even at personal use. IT departments should be aware and have the right  knowledge to how to fight it.
Auditing domain password hashes is a commonly overlooked but critical requirement to ensuring secure passwords practices are followed. Methods exist to extract hashes directly for a live domain however this article describes a process to extract u…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question