Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 260
  • Last Modified:

Manage Access Points

Hi all,

We use a variety of Linksys WAP54 in combination with a WRT54. This network runs outside the corporate network and is used only for guests. Many colleagues use this network to bypass the proxy server and then connect through a VPN connection to the corporate network. This way being able to access everything ICT is blocking. We want to try to avoid this because it is not the intention, of course. Within the WRT it is possible to prohibit access to some mac addresses, but only up to 40.

Is there known software the WRT can be replaced by we can block multiple systems connecting and where any other brands of access points can connect to? Our preference is obviously open source software.

Thank in advance.
Hans
0
djaycee
Asked:
djaycee
  • 5
  • 3
  • 2
2 Solutions
 
Jordan MedlenCommented:
I would recommend looking at DD-WRT, which can be flashed onto your current systems.

http://www.dd-wrt.com/site/index

That would be my best suggestion for your situation and requirements.
0
 
djayceeAuthor Commented:
Hi Jordan,

If I'm not mistaken, DD-WRT is mainly a firmware to be used to replace the firmware of the WRT, correct? Maybe less limitations but equally dedicated to the device. What I'm looking for is a software based solution to replace the WRT in total.

Regards,
Hans
0
 
Jordan MedlenCommented:
Yes, the DD-WRT is a firmware replacement. It's linux based, so should be much more flexible than what is provided now on the WRT. If you're looking to have just a software based firewall, then try Vyatta or PFSense. Either of those could be run as a virtual machine.
0
New Tabletop Appliances Blow Competitors Away!

WatchGuard’s new T15, T35 and T55 tabletop UTMs provide the highest-performing security inspection in their class, allowing users at small offices, home offices and distributed enterprises to experience blazing-fast Internet speeds without sacrificing enterprise-grade security.

 
Craig BeckCommented:
If your users are using corporate assets why not just lock down their wireless settings so they can only connect to the corporate SSID.  This is easily done via Group Policy.
0
 
djayceeAuthor Commented:
@ Jordan: thx, I'm gonna check out those 2!

@ craigbeck: Interesting, never thought of it... but doesn't this prevent them from using wireless at home?

Regards,
Hans
0
 
Craig BeckCommented:
No not at all.  You can explicitly deny a WLAN based on the name, so while users can see your 'Guest' network while they're in the office they can't connect to it.  When they go home though their own home wifi will probably not be called 'Guest' so it'll be fine.
0
 
djayceeAuthor Commented:
Super, this I've got to try! Thx! Any ideas how to prevent them using their phones?
0
 
Craig BeckCommented:
Use a captive portal, as Jordan suggested.  That way you'd need to give your staff a guest user account as and when they wanted to use the guest wifi... to which you just say no! ;-)
0
 
djayceeAuthor Commented:
Ok, craigbeck and Jordan, thx for the advice, gonna test this next week and get back to you!
0
 
djayceeAuthor Commented:
Thanks for all the help but we're going to replace the old AP's with new ones. Thanks anyway.
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 5
  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now