Solved

Guest Wireless Access

Posted on 2012-12-28
3
758 Views
Last Modified: 2012-12-31
I have been tasked with setting up a guest wireless network so that vendors/patients/visitors to our non-profit hospital can access the internet during their visit. I have no budget with which to work and think that we have the existing equipment but not the know how to put it to work. Here is a breakdown of our physical network infrastructure:

4 Cisco AIR-AP1121G-A-K9
5 Cisco WS-C2960G-48TC-L
1 Cisco WS-C3550-48
1 Cisco WS-C2960G-8TC-L
1 Cisco WS-C2960G-24TC-L
1 Cisco WS-C3550-24
1 Cisco ASA 5510

All are using the default VLAN 1, no other VLANs are configured.

We need the guest traffic to separate from our traffic so they don't have access to Patient Information. We would like the traffic to go through our Websense server but it is not necessary. The users would have to be redirected to an Acceptable Use Policy (agree or disagree) before being able to use the internet.

We have the basics when it comes to configuring our switches but our IT team consists of 2 people and we know we can do this just not sure where to start. Any help is greatly appreciated.
0
Comment
Question by:ODA521
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 4

Assisted Solution

by:tpitch-ssemc
tpitch-ssemc earned 250 total points
ID: 38728197
Unless I'm not thinking clearly you're probably looking at a whole network makeover. If you want it to parse through your Websense server then you need to move your Websense server outside of your protected network.

If you'd prever you can create a new VLAN for guest access and just route it out your Internet connection. Sounds like you have small wireless foot print, I'd probably just pickup some cheap Cisco/Linksys APs with the captive portal and stick it on the public side of your Internet.

We have a setup that you're looking to achieve, but we have a wireless controller with multiple NICs and route the traffic that way.

If you want to use your current configuration you're going to have to create some VLANs to separate traffic (you should never use VLAN 1 by the way). But for this instance you're going tohave to map SSID: Guest to VLAN2. See if this helps you out, there is no audio but it may get you started.

http://www.youtube.com/watch?v=l51u4SkaGtY
0
 
LVL 12

Accepted Solution

by:
profgeek earned 250 total points
ID: 38729071
How many areas are you wanting to provide access for?  Do you have an estimate as to how many WAPs you'll need to cover those areas?

The simplest solution is to add consumer grade routers that have built-in guest access.  You could install those without messing with your current configuration.  You'll spend far more in labor trying to reconfigure your entire network than you would spend on a few of these (less than $100) routers.
0
 

Author Closing Comment

by:ODA521
ID: 38732487
Thank you both for your input! I think the simplest and cost effective way will be to buy separate consumer grade routers and do it that way. Thank you again!
0

Featured Post

Everything You Need to Know about Petya 2.0

Get an overview of the what, when and how of Petya 2.0  from our threat analyst Marc Labilerte, as well as a look at how WatchGuard Total Security Suite protected our customers from the recent attack!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In the world of WAN, QoS is a pretty important topic for most, if not all, networks. Some WAN technologies have QoS mechanisms built in, but others, such as some L2 WAN's, don't have QoS control in the provider cloud.
This paper addresses the security of Sennheiser DECT Contact Center and Office (CC&O) headsets. It describes the DECT security chain comprised of “Pairing”, “Per Call Authentication” and “Encryption”, which are all part of the standard DECT protocol.
This Micro Tutorial will show you how to maximize your wireless card to its maximum capability. This will be demonstrated using Intel(R) Centrino(R) Wireless-N 2230 wireless card on Windows 8 operating system.
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…

696 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question