+ Post New Thread
Page 1 of 2 12 LastLast
Results 1 to 15 of 18
Internet Related/Filtering/Firewall Thread, Anyone work in a Boarding School...? in Technical; If so how do you go about providing the kids with internet access? Do you have a seperate connection for ...
  1. #1

    Join Date
    Nov 2007
    Location
    Manchester
    Posts
    206
    Thank Post
    2
    Thanked 13 Times in 7 Posts
    Rep Power
    17

    Anyone work in a Boarding School...?

    If so how do you go about providing the kids with internet access? Do you have a seperate connection for them? Do they just pick up in IP from your main DHCP and push the Schools PCs and theirs through the same connection? Do you have a completely seperate network for their personal laptops which doesn't touch the school's network? What speed connections are you running?

    Any thoughts or answers would be good.

    Cheers
    Adrian

  2. #2

    FN-GM's Avatar
    Join Date
    Jun 2007
    Location
    UK
    Posts
    16,373
    Thank Post
    906
    Thanked 1,811 Times in 1,559 Posts
    Blog Entries
    12
    Rep Power
    468
    I know someone who does....

    They have a seperate V-lan on the managed WIFI that is open for kids. On the V-lan all they can do is go on the filtered internet. The internet uses the same connection as the school

  3. #3

    Join Date
    Feb 2008
    Posts
    270
    Thank Post
    14
    Thanked 44 Times in 35 Posts
    Rep Power
    22
    ^ ^ This is how we have it setup for our guest wireless users.

  4. #4
    DanW's Avatar
    Join Date
    Oct 2007
    Posts
    246
    Thank Post
    35
    Thanked 12 Times in 12 Posts
    Rep Power
    19
    Yes,

    We have a 'guest' wireless with a WPA password on that the kids use. Although we are just in the middle of a refurbishment and will be providing network sockets in all rooms.

    Eventually when i can pull my finger out i'll have a new vlan to keep them off the main school network

    We have 100MBit leased line

    All traffic is filtered regardless

    Dan

  5. #5

    FN-GM's Avatar
    Join Date
    Jun 2007
    Location
    UK
    Posts
    16,373
    Thank Post
    906
    Thanked 1,811 Times in 1,559 Posts
    Blog Entries
    12
    Rep Power
    468
    the friend I know has his wireless open. When you connect you get a username and password box. You login using AD credentials

  6. #6

    RabbieBurns's Avatar
    Join Date
    Apr 2008
    Location
    Sydney
    Posts
    5,532
    Thank Post
    1,341
    Thanked 470 Times in 307 Posts
    Blog Entries
    6
    Rep Power
    200
    we dont let their own laptops on the internet at all. There is a suite of workstations, and a couple of other machines dotted about the boarding house for them to use whenever they want and at homework time. This internet connection uses the same filtering/logging system as the main school internet.

  7. #7

    FN-GM's Avatar
    Join Date
    Jun 2007
    Location
    UK
    Posts
    16,373
    Thank Post
    906
    Thanked 1,811 Times in 1,559 Posts
    Blog Entries
    12
    Rep Power
    468
    How restricted is your filtering?

  8. #8

    RabbieBurns's Avatar
    Join Date
    Apr 2008
    Location
    Sydney
    Posts
    5,532
    Thank Post
    1,341
    Thanked 470 Times in 307 Posts
    Blog Entries
    6
    Rep Power
    200
    for the students its very strict. Still the occasional proxy crops up they are able to get through, but they are nipped in the bud sharpish

  9. #9
    ASJ
    ASJ is offline
    ASJ's Avatar
    Join Date
    Jun 2008
    Location
    Northampton
    Posts
    28
    Thank Post
    0
    Thanked 4 Times in 4 Posts
    Rep Power
    14
    WE've seperated the wireless network from the LAN, but only recently.

    The wireless is now controlled by a Cisco firewall which controls all access with username and password (AD). The only ports open to them are 80 and 443 and they
    HAVE to go through our web filter. THis is pretty strict, including no internet during prep, only email.

  10. #10

    Join Date
    May 2008
    Location
    York
    Posts
    515
    Thank Post
    22
    Thanked 49 Times in 46 Posts
    Rep Power
    25

    Seperate Vlan

    We have kids laptops on separate Vlan for wireless, (and wired in their studies come to that) all are filtered as harshly as I can get away with. Also time banded to restrict their usage times.(other wise they leave them on all night long)

    All children and teachers share one 16mb connection and Admin and It share a 7mb connection (also filtered, but not as harshly)

    I personally would not let them on my network as we have lots of different languages on their laptops and they could be running all sorts of nasties and we would never know.

    But as we do let them if I could afford another connection for them I would as if they are doing anything doggy, it used to kill connection, their fav was using ultrasurf until I finally managed to block it last week.

  11. #11
    DanW's Avatar
    Join Date
    Oct 2007
    Posts
    246
    Thank Post
    35
    Thanked 12 Times in 12 Posts
    Rep Power
    19
    Quote Originally Posted by imiddleton25 View Post
    We have kids laptops on separate Vlan for wireless, (and wired in their studies come to that) all are filtered as harshly as I can get away with. Also time banded to restrict their usage times.(other wise they leave them on all night long)

    All children and teachers share one 16mb connection and Admin and It share a 7mb connection (also filtered, but not as harshly)

    I personally would not let them on my network as we have lots of different languages on their laptops and they could be running all sorts of nasties and we would never know.

    But as we do let them if I could afford another connection for them I would as if they are doing anything doggy, it used to kill connection, their fav was using ultrasurf until I finally managed to block it last week.
    Which school in york are you in?

    Dan

  12. #12

    Join Date
    Nov 2007
    Location
    Manchester
    Posts
    206
    Thank Post
    2
    Thanked 13 Times in 7 Posts
    Rep Power
    17
    Quote Originally Posted by RabbieBurns View Post
    we dont let their own laptops on the internet at all. There is a suite of workstations, and a couple of other machines dotted about the boarding house for them to use whenever they want and at homework time. This
    That seems a little harsh unless you actually have enough PCs for all the kids to do their homework online at the same time. Surely as boarders there is a duty of care to allow them to have something resembling a normal home-life... e.g. use of their own laptop through a filtered internet connection.

  13. #13

    RabbieBurns's Avatar
    Join Date
    Apr 2008
    Location
    Sydney
    Posts
    5,532
    Thank Post
    1,341
    Thanked 470 Times in 307 Posts
    Blog Entries
    6
    Rep Power
    200
    They can use their laptops as much as they like, just not online. If they want to go online they can use the provided machines. There is only 60 boarders, and there is about 10 machines with internet. They use their own laptops for word processing etc, and if they need to do some research online during prep time there is never an issue with not getting a PC.

  14. #14

    Join Date
    Nov 2007
    Location
    Manchester
    Posts
    206
    Thank Post
    2
    Thanked 13 Times in 7 Posts
    Rep Power
    17
    Thanks for the input guys.

    Currently our students can just access our network by plugging into a port in their room or using the wireless. The DHCP gives them an address and sends them through our filtered connection (same connection as the rest of the School).

    Would like to be able to still do this, but without them being able to see the network... although with NT permissions they can still only see what they could see if they were on one of the Schools PCs.

    Sounds like a VLAN is the way forward to seperate them from the network but still push them through the same router/internet connection......

    We use HP Procurves for our switches (2800s and 1800s) so I'm sure we could do this, but I'm not sure how it all works in a VLAN formation. Can anyone point to a good diagram of how a VLAN works and the switches talk to each other etc.... as I'm not sure I get how if one switch is seperated into 2 VLANS but only has 1 connection back to the main switch... how does the main switch tell which VLAN its from? Do I need one cable back to the main switch from each VLAN and split the main switch into 2 VLANs as well... then which VLAN connects to the router... how do I get a different IP range (which I presume I need to give the students pcs) over one VLAN etc.....


    ..... basically I haven't a clue, and everything I've read so far is too technical... I need the basics on how I'm supposed to split up the network and connect it first!

  15. #15

    Join Date
    Nov 2007
    Location
    Manchester
    Posts
    206
    Thank Post
    2
    Thanked 13 Times in 7 Posts
    Rep Power
    17
    Ok.... I think I might be understanding a bit more.

    If I was to use Port-based VLANs I could assign certain ports on one of the edge switches (e.g. those going to the network points in the students rooms) to a VLAN and all the ports going to the Schools PCs to a different VLAN. If I do this on all edge switches and use the same VLAN IDs for the all the School connections and the same VLAN ID for all the Student rooms connections, then we should be getting somewhere.

    Now, am I right in thinking that if I put a cable between the edge switches and the core switch, I would only need to connect via a port that is on the default VLAN and this would allow the VLANs with same ID but on a different switch to talk to each other?

    If that is correct, then next question how do I assign an IP address to the students PCs if the DHCP server is in the School VLAN and not the Student VLAN?



SHARE:
+ Post New Thread
Page 1 of 2 12 LastLast

Similar Threads

  1. "if you can't work with them, work round them"
    By djm968 in forum General Chat
    Replies: 45
    Last Post: 30th June 2008, 12:13 PM
  2. Mountain Boarding
    By Vegas in forum General Chat
    Replies: 20
    Last Post: 29th October 2007, 02:14 PM
  3. Replies: 7
    Last Post: 26th October 2007, 12:41 AM
  4. Does anyone work in a BSF built school?
    By beeswax in forum BSF
    Replies: 4
    Last Post: 23rd February 2007, 12:47 AM
  5. Anyone here work in a school in Birmingham LEA area.?
    By tosca925 in forum General Chat
    Replies: 6
    Last Post: 18th October 2005, 05:30 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •