+ Post New Thread
Results 1 to 2 of 2
Internet Related/Filtering/Firewall Thread, How to add another SSID to Sophos UTM with different web filter polices. in Technical; Hi guys, We have a Sophos UTM 425 and have it setup to allow guest wifi and internal wifi access ...
  1. #1

    Join Date
    Jun 2011
    Location
    Atherton
    Posts
    112
    Thank Post
    13
    Thanked 6 Times in 1 Post
    Rep Power
    8

    How to add another SSID to Sophos UTM with different web filter polices.

    Hi guys,

    We have a Sophos UTM 425 and have it setup to allow guest wifi and internal wifi access for ad devices like win laptops.

    we want to add two more ssids, "Student" & "staff"..... and have the relevant filters applied to these ssids.... this is for ipads/chromebooks that can't authenticate via AD.

    We haven't received any documentation for the device and having had a search in there knowledge base have found nothing.

    We have a guest wifi (byod) setup which is separate from the network and has a different filter applied, and a standard SSID which gives the web filter polices out depending on which group the user is a member of in AD.

    Below is a listed of SSIDs we already have, and want to create. The ssid names have been simplified.

    "School WIFI" (already in use) Used for all AD compatible devices, the filter policy is given to the user via there AD membership. Staff/Student.
    "Guest" (already in use) Used for BYOD separate from the network works fine.
    "Student WIFI" we want to create this and force the "Student" filter to it......mainly for student chromebooks.
    "Staff WIFI" we want to create this and force the "Staff" filter to it......mainly for Staff chromebooks.

    Cheers guys/gals

  2. #2

    Join Date
    Mar 2009
    Location
    Rochdale
    Posts
    45
    Thank Post
    0
    Thanked 7 Times in 7 Posts
    Rep Power
    12
    Id create two new vlans, and have the new wireless networks drop onto those vlans, you can then apply a filter policy to those subnets (so filter by location).

    We do this with our ipads for students and have them use proxy authentication (so whn they access the net a little popup asks them for their username and password with a session cookie), for the chrome books on the chrome management console we have them access two networks, as the chrome book requires transparent filtering to even log you in we have it connect to the same network (ssid) this initally is transparent and allows the chrome book to get to google authentication, when the user logs in we have a proxy specified on the chrome management console for users, this directs them to a dedicated proxy url for the chrome books which again promps them for the proxy authentication, you have to do it this way to allow the chrome book to login but then record who is using the chrome book.

    For staff devices we have set infinate leases (server 2012dhcp) for the staff ipads and just have their network set to be on transparent authentication, this way if something did crop up we could trace the ipad by the ip address, quick nslookup would tell us whos ipad it is.

    You could do the same with the staff network for the chrome books.

    We have recently set this up and the configuration is working really well, used in lots of maths lessons and is stable, we get all users to login to the chrome books as a standard school user (generic) and the homepage is set to the vle, to get onto the internet is their username and password, when they log off all settings from that session are dropped, the vle also has google sso so they can access their gmail etc

SHARE:
+ Post New Thread

Similar Threads

  1. Replies: 0
    Last Post: 20th October 2011, 12:45 PM
  2. [Fog] How to add NIC drivers to the Kernel
    By maniac in forum O/S Deployment
    Replies: 3
    Last Post: 1st April 2011, 03:04 PM
  3. Flash How to add another level?
    By Jonny_5 in forum Coding
    Replies: 1
    Last Post: 24th November 2009, 10:38 PM
  4. [Fog] How to Add boot images to the PXE Menu
    By ChrisH in forum O/S Deployment
    Replies: 6
    Last Post: 25th September 2009, 08:24 PM
  5. For Cisco 1841 router - I need to add another ethernet card
    By nsimov in forum Internet Related/Filtering/Firewall
    Replies: 2
    Last Post: 19th May 2009, 09:05 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •