Wireless Security
Wireless Infrastructure Nov 01 2011 01:54AM
Seth Fogie (seth fogieonline com) (4 replies)
RE: Wireless Infrastructure Nov 01 2011 03:12PM
Kripton, Bruce (Kripton Bruce scrippshealth org)
RE: Wireless Infrastructure Nov 01 2011 09:44AM
Charlton, Ceri \(CSS\) (Ceri Charlton capita co uk)
Re: Wireless Infrastructure Nov 01 2011 09:05AM
Cedric Blancher (blancher cartel-securite fr)
Re: Wireless Infrastructure Nov 01 2011 02:06AM
Kurt Buff (kurt buff gmail com)
$WORK has Cisco 1240AG WAPs and HP switches.

I configured a layer-2 only VLAN and NATed it out our firewall - it's
a second SSID on the WAPs. Traffic on this VLAN also is picked up by
our Barracuda web filter, as it's placed between our firewall and our
L3 switch. I stuck a tiny little FreeBSD box on the VLAN to provide
DHCP, and pointed the DNS settings to 8.8.8.8.

Works great.

Kurt

On Mon, Oct 31, 2011 at 18:54, Seth Fogie <seth (at) fogieonline (dot) com [email concealed]> wrote:
> I have a security related infrastructure question:
>
> Proposal: Provide guest access to anyone at all remote sites.
> Reasoning: Guests need to have a distraction for long wait times
> (non-negotiable).
>
> Solutions:
> 1. Create a Guest SSID and tag it with the external VLAN and then  tunnel
> the traffic back over the site-to-site VPN via the broadband modem and route
> this traffic to an external connection over the same link that provides
> internal VLAN traffic.
> 2. Build a separate infrastructure for wireless Guest traffic and purchase a
> dedicated internet connection for all guest traffic per site.
> 3. ????
>
> Help?
> Thanks!!!
>

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus