Skyport is working hard to help customers recover from recent attacks, like the Petya worm. This work has brought to light some important lessons. New malware attacks like this can take down your entire environment. Learn from others mistakes on how to prevent Petya like worms.
Solved
Guest Wireless Access
Posted on 2012-12-28
I have been tasked with setting up a guest wireless network so that vendors/patients/visitors to our non-profit hospital can access the internet during their visit. I have no budget with which to work and think that we have the existing equipment but not the know how to put it to work. Here is a breakdown of our physical network infrastructure:
4 Cisco AIR-AP1121G-A-K9
5 Cisco WS-C2960G-48TC-L
1 Cisco WS-C3550-48
1 Cisco WS-C2960G-8TC-L
1 Cisco WS-C2960G-24TC-L
1 Cisco WS-C3550-24
1 Cisco ASA 5510
All are using the default VLAN 1, no other VLANs are configured.
We need the guest traffic to separate from our traffic so they don't have access to Patient Information. We would like the traffic to go through our Websense server but it is not necessary. The users would have to be redirected to an Acceptable Use Policy (agree or disagree) before being able to use the internet.
We have the basics when it comes to configuring our switches but our IT team consists of 2 people and we know we can do this just not sure where to start. Any help is greatly appreciated.
4 Cisco AIR-AP1121G-A-K9
5 Cisco WS-C2960G-48TC-L
1 Cisco WS-C3550-48
1 Cisco WS-C2960G-8TC-L
1 Cisco WS-C2960G-24TC-L
1 Cisco WS-C3550-24
1 Cisco ASA 5510
All are using the default VLAN 1, no other VLANs are configured.
We need the guest traffic to separate from our traffic so they don't have access to Patient Information. We would like the traffic to go through our Websense server but it is not necessary. The users would have to be redirected to an Acceptable Use Policy (agree or disagree) before being able to use the internet.
We have the basics when it comes to configuring our switches but our IT team consists of 2 people and we know we can do this just not sure where to start. Any help is greatly appreciated.
[X]
Welcome to Experts Exchange
Add your voice to the tech community where 5M+ people just like you are talking about what matters.
- Help others & share knowledge
- Earn cash & points
- Learn & ask questions
3 Comments
Unless I'm not thinking clearly you're probably looking at a whole network makeover. If you want it to parse through your Websense server then you need to move your Websense server outside of your protected network.
If you'd prever you can create a new VLAN for guest access and just route it out your Internet connection. Sounds like you have small wireless foot print, I'd probably just pickup some cheap Cisco/Linksys APs with the captive portal and stick it on the public side of your Internet.
We have a setup that you're looking to achieve, but we have a wireless controller with multiple NICs and route the traffic that way.
If you want to use your current configuration you're going to have to create some VLANs to separate traffic (you should never use VLAN 1 by the way). But for this instance you're going tohave to map SSID: Guest to VLAN2. See if this helps you out, there is no audio but it may get you started.
http://www.youtube.com/watch?v=l51u4SkaGtY
If you'd prever you can create a new VLAN for guest access and just route it out your Internet connection. Sounds like you have small wireless foot print, I'd probably just pickup some cheap Cisco/Linksys APs with the captive portal and stick it on the public side of your Internet.
We have a setup that you're looking to achieve, but we have a wireless controller with multiple NICs and route the traffic that way.
If you want to use your current configuration you're going to have to create some VLANs to separate traffic (you should never use VLAN 1 by the way). But for this instance you're going tohave to map SSID: Guest to VLAN2. See if this helps you out, there is no audio but it may get you started.
http://www.youtube.com/watch?v=l51u4SkaGtY
How many areas are you wanting to provide access for? Do you have an estimate as to how many WAPs you'll need to cover those areas?
The simplest solution is to add consumer grade routers that have built-in guest access. You could install those without messing with your current configuration. You'll spend far more in labor trying to reconfigure your entire network than you would spend on a few of these (less than $100) routers.
The simplest solution is to add consumer grade routers that have built-in guest access. You could install those without messing with your current configuration. You'll spend far more in labor trying to reconfigure your entire network than you would spend on a few of these (less than $100) routers.
Featured Post
![[Webinar] Lessons on Recovering from Petya](https://filedb.experts-exchange.com/files/public/2017/7/11/dcb3272a-62a8-4274-a34e-d1771610ec3b.png)
Question has a verified solution.
If you are experiencing a similar issue, please ask a related question
In the modern office, employees tend to move around the workplace a lot more freely. Conferences, collaborative groups, flexible seating and working from home require a new level of mobility. Technology has not only changed the behavior and the expe…
If you’re involved with your company’s wide area network (WAN), you’ve probably heard about SD-WANs. They’re the “boy wonder” of networking, ostensibly allowing companies to replace expensive MPLS lines with low-cost Internet access. But, are they …
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually.
After setting up a router, find the network security…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Suggested Courses
Course of the Month9 days, 8 hours left to enroll
722 members asked questions and received personalized solutions in the past 7 days.
Join the community of 500,000 technology professionals and ask your questions.