Using our Cisco Kit we want to make a BYOD VLAN. The idea is they get access to the school website, VLE, Webmail and our remote access webpage. They can use the remote access then to access the LAN.
I was wondering what i can use so if on this network they navigate to say google.com it redirects them to a specific webpage?
Hopefully something that wont cost us anything extra.
I hope this make sense?
If this was me, I'd build the new VLAN and just allow the firewall rules on the wireless to only those specific services, if they want access to the LAN then you either have to VPN in or use the Captive Portal to authenticate.
In fact we do just the thing using PfSense, our wireless is wide open, but you cant actually access any service until you login through the captive portal. Once you've done that you can access certain sites like our Business Portal, OWA and thats it.... if you want Internet and LAN Services you have to VPN in.
So if you wanted google.com to point to a different page you could do it so a rule would send those requests to another server....
All free - cost us a spare machine....
Last edited by cpjitservices; 13th November 2012 at 02:59 PM.
Although upon reading your post again that wasn't what you asked for was it... durrrrr!
Maybe you could point a firewall rule in there so if google.com is requested then it will forward the traffic to a different site/server.
create a service landing page that you tell the students the url.
setup access lists on the cisco to only allow trafic to the desired hosts and ports.
All i am after at the moment is a way to take them automatically to the landing page.
Yeah your right you couldn't do the HOSTS file as these are mobile devices, access lists / firewalling is gonna be the easiest way I wreckon.
I know about access lists etc that isnt the problem.
I want something that will redirect the student home pages to our specificed URL. Like it is in airports etc. For example bob smith opens IE and he goes to google.com it then takes them instead of Google to our URL.
That would be down to your Wireless infrastructure. They do the captive page type doo hickys (sorry for the technical terms). I'll have a look for what it is called on Ruckus but if you have something different it could well be renamed!
EDIT: Sorry by Wireless Infrastructure I mean either the access points or management system!
Captive Portal for authentication.... exactly what we use here!
Yes but what actual product to use, capitve protal itself isnt a product. I dont want a firewall becuase we have one of them.
Last edited by FN-GM; 13th November 2012 at 04:20 PM.
You could use PfSense it's free off the internet and serves as a Router / Firewall - all you'll need is a spare machine or build it in a VM
pfSense Open Source Firewall Distribution - Home
We swear by it and have installed it at some local hotspots... works flawlessly.
You dont actually have to use the firewall part,,, infact it can be disabled all together in the advanced settings.
PfSense is also built on BSD and has a very nice Web Interface, with it being BSD it's very secure.
Last edited by cpjitservices; 13th November 2012 at 04:23 PM.
FN-GM (13th November 2012)
There are currently 1 users browsing this thread. (0 members and 1 guests)