|
|
|||||||
| Register | Search | Today's Posts | Mark Forums Read |
 |
|
|
LinkBack | Thread Tools | Display Modes |
09-28-2004
|
#1 (permalink) |
|
Registered Member
Join Date: Sep 2004
Posts: 1
|
New Wi-Fi install
Hi all,
Sorry to be a complete Newb to this, but then we all got to start somewhere right? Ok onto the real brain teaser question. We have a LAN-WAN setup at our offices, this LAN-WAN has worldwide reach. We have a VPN dial in solution for all remote workers. I have been asked to setup a wireless install for external visitors, and internal visitors. At the moment, we provide LAN cables which people can use to access out LAN. Any external visitors have to report to IT to have their laptop scanned before using, although there is no control over this! I'm thinking of setting up an ADSL connection with wireless access points around the meeting rooms. To make it easy to use I'm not going to use any security, no WEP keys, no MAC address registering etc. I would like to know if people have done this before, what problems did you encounter? We are a central London office, and I'm a bit worried about people out side the building using this Wi-Fi lan for there own ends. I don't want to use WEP due to the overheads in setting every visitor up with the key etc.. All being well with this ADSL seperate LAN install, I would like to setup a Wi-Fi hotspot in this office on the main LAN, but tied down with security, the thought being this would be for people here who are not visiting but are mobile. Look forward to your thoughts. Tim. |
|
|
|
09-28-2004
|
#2 (permalink) |
|
General "Noob Basher"
Join Date: Apr 2002
Location: Munich, Germany
Posts: 1,620
|
The only way (Correct way) to do this is with some enterprise class gear
such as the Cisco Aironet family. 1. Setup Wifi on your switchs/routers in it's own VLAN, seperate from your internal Office stuff. 2. Setup an Aironet accesspoint and turn on WEP/LEAP etc. on the AP 3. Buy some Aironet Client PCMCIA cards for the IT Dept to hand out. 4. Lock access to the net to ONLY those cards that are authroized. This way all "Visitors" must go to the IT Dept. to get the lappy scanned and the PCMCIA cards/client installed...
__________________
Legends may sleep, but they never die!!!! |
|
|
|
|
09-28-2004
|
#3 (permalink) | |
|
Did you do the math?
Join Date: Apr 2002
Location: Villa Straylight
Posts: 10,084
|
Quote:
As far as the internal WLAN, you should NEVER place it on the same net as the LAN. It should be a separate network in and of itself. Mobile workers within the office should access the wired LAN via VPN as if they are external. The reason fo this is security. MAC filtering is trival to defeat (less than 1 minute) and WEP can de overcome with relative ease (depending on the WLAN's traffic levels). You should also consider using a product that will has a better encryption such as Funk Odyssey.
__________________
Thorn "I'm The Doctor. I'm a Time Lord. I am from the planet Gallifrey in the constellation Kasterborous. I'm 903 years old and I am the man who is going to save your lives and all 6 billion people on the planet below... You got a problem with that?" |
|
|
|
|
Linear Mode
