Solved

Guest Wireless Access

Posted on 2012-12-28
3
757 Views
Last Modified: 2012-12-31
I have been tasked with setting up a guest wireless network so that vendors/patients/visitors to our non-profit hospital can access the internet during their visit. I have no budget with which to work and think that we have the existing equipment but not the know how to put it to work. Here is a breakdown of our physical network infrastructure:

4 Cisco AIR-AP1121G-A-K9
5 Cisco WS-C2960G-48TC-L
1 Cisco WS-C3550-48
1 Cisco WS-C2960G-8TC-L
1 Cisco WS-C2960G-24TC-L
1 Cisco WS-C3550-24
1 Cisco ASA 5510

All are using the default VLAN 1, no other VLANs are configured.

We need the guest traffic to separate from our traffic so they don't have access to Patient Information. We would like the traffic to go through our Websense server but it is not necessary. The users would have to be redirected to an Acceptable Use Policy (agree or disagree) before being able to use the internet.

We have the basics when it comes to configuring our switches but our IT team consists of 2 people and we know we can do this just not sure where to start. Any help is greatly appreciated.
0
Comment
Question by:ODA521
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 4

Assisted Solution

by:tpitch-ssemc
tpitch-ssemc earned 250 total points
ID: 38728197
Unless I'm not thinking clearly you're probably looking at a whole network makeover. If you want it to parse through your Websense server then you need to move your Websense server outside of your protected network.

If you'd prever you can create a new VLAN for guest access and just route it out your Internet connection. Sounds like you have small wireless foot print, I'd probably just pickup some cheap Cisco/Linksys APs with the captive portal and stick it on the public side of your Internet.

We have a setup that you're looking to achieve, but we have a wireless controller with multiple NICs and route the traffic that way.

If you want to use your current configuration you're going to have to create some VLANs to separate traffic (you should never use VLAN 1 by the way). But for this instance you're going tohave to map SSID: Guest to VLAN2. See if this helps you out, there is no audio but it may get you started.

http://www.youtube.com/watch?v=l51u4SkaGtY
0
 
LVL 12

Accepted Solution

by:
profgeek earned 250 total points
ID: 38729071
How many areas are you wanting to provide access for?  Do you have an estimate as to how many WAPs you'll need to cover those areas?

The simplest solution is to add consumer grade routers that have built-in guest access.  You could install those without messing with your current configuration.  You'll spend far more in labor trying to reconfigure your entire network than you would spend on a few of these (less than $100) routers.
0
 

Author Closing Comment

by:ODA521
ID: 38732487
Thank you both for your input! I think the simplest and cost effective way will be to buy separate consumer grade routers and do it that way. Thank you again!
0

Featured Post

Webinar May 25: Cloud Security Strategies for SMBs

Small and mid-sized businesses are a driving force behind cloud adoption, and it’s no wonder: cloud benefits are BIG.  But for all the convenience that moving to the cloud provides, where does security come into play?

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Can't connect to wireless network using Radius 2 40
Cisco 3800 series and WISM2 1 50
Network Design Question 1 54
WLC and radius 4 48
AWS has developed and created its highly available global infrastructure allowing users to deploy and manage their estates all across the world through the use of the following geographical components   RegionsAvailability ZonesEdge Locations  Wh…
Using in-flight Wi-Fi when you travel? Business travelers beware! In-flight Wi-Fi networks could rip the door right off your digital privacy portal. That’s no joke either, as it might also provide a convenient entrance for bad threat actors.
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question