Solved

Multiple SSID's

Posted on 2013-01-01
10
432 Views
Last Modified: 2013-04-08
Hi ,

If I have one router and one switch layer 3 ,  and have many access points with muliple SSID's . is it possible that I can isolate my guest traffic from my corporate traffic .

but I do have DNS and DHCP server as well , I want guest users to be not part of my corporate network and should be isolated completeley but want to use same internet connection .

possibilities and solutions ????
0
Comment
Question by:annasad
10 Comments
 
LVL 4

Assisted Solution

by:iconnectu
iconnectu earned 500 total points
ID: 38735829
Yes of course. You can split the different Networks with the VLAN Tag. You have to configure VLANs on the Switches and the WLAN APs too. For your internal Network use your Win DHCP and DNS Servers, For the Guest Network use the DHCP Server from your Firewall and set the public DNS Servers for the guests.
0
 
LVL 1

Author Comment

by:annasad
ID: 38742916
would required a little more explaination on VLAN TAG , if an article can be shared , that would be helpful about how to implement it
0
 
LVL 11

Expert Comment

by:remixedcat
ID: 38746381
Please provide the router model # so we can assist you further.

 Thank you.
0
 
LVL 1

Author Comment

by:annasad
ID: 38808641
Currently I have two seperate internet connections , one is for corporate and one is for Guest .

guest is using Linksys router with POE WAN port to connect and using ISP DNS settings .
0
 
LVL 21

Expert Comment

by:Rick_O_Shay
ID: 38809636
Some small office type routers have an option built in to easily configure a guest wireless network to do exactly what you are looking for. What model routers are the two you have?
0
Network it in WD Red

There's an industry-leading WD Red drive for every compatible NAS system to help fulfill your data storage needs. With drives up to 8TB, WD Red offers a wide array of solutions for customers looking to build the biggest, best-performing NAS storage solution.  

 
LVL 1

Author Comment

by:annasad
ID: 38867055
Well my scenario is bit different from the point that my corporate network invloves proxy servers and , antivirus servers and then all traffic has to pass through the proxy server .

for Guest network , we have linksys small to medium based router which is physically different than the above system and both network have seperate switches and seperate Access points .

Also the clients wich connect to corporate Wifi uses corproate internet , and Wifi authentication is done on the bases of AD User . you can only authenticate Corporate Wifi , if you are AD user , but in Guest Network users should be able to connect with some key , which is not the case here .
So its bit complex thing to manage and integrate .
0
 
LVL 1

Author Comment

by:annasad
ID: 38924715
any one can help me on this ?
0
 
LVL 4

Assisted Solution

by:iconnectu
iconnectu earned 500 total points
ID: 38924880
Some Routers have a captive portal service. The N4100 from Zyxel has a network printer attached and can print passwords for every customers. you can set three different times, like 4 hours, 1 Day, 1 Week and provide internet access only the time the customer need it.
0
 
LVL 1

Author Comment

by:annasad
ID: 38940899
well , in my case , the guest users are permenent compliyees with their handheld devices , like mobiles , ipad , and tablets .  so once they get the passcode , then they want it for good time . they can not change the password every week even .

the whole problem is to change the mechansim in which guest network can be isolated with Corporate LAN and the key can not be used in Corporate network .

above is a good idea , i would try to see how it can fix up my problem .
0
 
LVL 4

Accepted Solution

by:
iconnectu earned 500 total points
ID: 38942139
The Admin can set the access times as he need it. If someone need permanent access for a year or longer, you can set one button for one year access. the lease automatically disappear after this period of time. If access is needed again, just print another ticket. This will help you to manage Customer Accounts over the years. You don't want to give someone free internet access for lifetime.
0

Featured Post

Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

Join & Write a Comment

This subject  of securing wireless devices conjures up visions of your PC or mobile phone connecting to the Internet through some hotspot at Starbucks. But it is so much more than that. Let’s look at the facts: devices#sthash.eoFY7dic.
This paper addresses the security of Sennheiser DECT Contact Center and Office (CC&O) headsets. It describes the DECT security chain comprised of “Pairing”, “Per Call Authentication” and “Encryption”, which are all part of the standard DECT protocol.
This Micro Tutorial will show you how to maximize your wireless card to its maximum capability. This will be demonstrated using Intel(R) Centrino(R) Wireless-N 2230 wireless card on Windows 8 operating system.
Windows 8 came with a dramatically different user interface known as Metro. Notably missing from that interface was a Start button and Start Menu. Microsoft responded to negative user feedback of the Metro interface, bringing back the Start button a…

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now