Guest Wireless Access
I have been tasked with setting up a guest wireless network so that vendors/patients/visitors to our non-profit hospital can access the internet during their visit. I have no budget with which to work and think that we have the existing equipment but not the know how to put it to work. Here is a breakdown of our physical network infrastructure:
4 Cisco AIR-AP1121G-A-K9
5 Cisco WS-C2960G-48TC-L
1 Cisco WS-C3550-48
1 Cisco WS-C2960G-8TC-L
1 Cisco WS-C2960G-24TC-L
1 Cisco WS-C3550-24
1 Cisco ASA 5510
All are using the default VLAN 1, no other VLANs are configured.
We need the guest traffic to separate from our traffic so they don't have access to Patient Information. We would like the traffic to go through our Websense server but it is not necessary. The users would have to be redirected to an Acceptable Use Policy (agree or disagree) before being able to use the internet.
We have the basics when it comes to configuring our switches but our IT team consists of 2 people and we know we can do this just not sure where to start. Any help is greatly appreciated.
4 Cisco AIR-AP1121G-A-K9
5 Cisco WS-C2960G-48TC-L
1 Cisco WS-C3550-48
1 Cisco WS-C2960G-8TC-L
1 Cisco WS-C2960G-24TC-L
1 Cisco WS-C3550-24
1 Cisco ASA 5510
All are using the default VLAN 1, no other VLANs are configured.
We need the guest traffic to separate from our traffic so they don't have access to Patient Information. We would like the traffic to go through our Websense server but it is not necessary. The users would have to be redirected to an Acceptable Use Policy (agree or disagree) before being able to use the internet.
We have the basics when it comes to configuring our switches but our IT team consists of 2 people and we know we can do this just not sure where to start. Any help is greatly appreciated.
Do more with
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Unless I'm not thinking clearly you're probably looking at a whole network makeover. If you want it to parse through your Websense server then you need to move your Websense server outside of your protected network.
If you'd prever you can create a new VLAN for guest access and just route it out your Internet connection. Sounds like you have small wireless foot print, I'd probably just pickup some cheap Cisco/Linksys APs with the captive portal and stick it on the public side of your Internet.
We have a setup that you're looking to achieve, but we have a wireless controller with multiple NICs and route the traffic that way.
If you want to use your current configuration you're going to have to create some VLANs to separate traffic (you should never use VLAN 1 by the way). But for this instance you're going tohave to map SSID: Guest to VLAN2. See if this helps you out, there is no audio but it may get you started.
http://www.youtube.com/watch?v=l51u4SkaGtY
If you'd prever you can create a new VLAN for guest access and just route it out your Internet connection. Sounds like you have small wireless foot print, I'd probably just pickup some cheap Cisco/Linksys APs with the captive portal and stick it on the public side of your Internet.
We have a setup that you're looking to achieve, but we have a wireless controller with multiple NICs and route the traffic that way.
If you want to use your current configuration you're going to have to create some VLANs to separate traffic (you should never use VLAN 1 by the way). But for this instance you're going tohave to map SSID: Guest to VLAN2. See if this helps you out, there is no audio but it may get you started.
http://www.youtube.com/watch?v=l51u4SkaGtY
How many areas are you wanting to provide access for? Do you have an estimate as to how many WAPs you'll need to cover those areas?
The simplest solution is to add consumer grade routers that have built-in guest access. You could install those without messing with your current configuration. You'll spend far more in labor trying to reconfigure your entire network than you would spend on a few of these (less than $100) routers.
The simplest solution is to add consumer grade routers that have built-in guest access. You could install those without messing with your current configuration. You'll spend far more in labor trying to reconfigure your entire network than you would spend on a few of these (less than $100) routers.
Premium Content
You need an Expert Office subscription to comment.Start Free Trial