Smoothwall/Ruckus guest WLAN Is anybody using Smoothwall and Ruckus and managed to get a guest WLAN working. We have no problem setting up a school WLAN for domain attached devices, but would like to enable students to use their own laptops to access the internet by authenticating against thier AD account. We've got as far as setting up another WLAN for students that asks for authentication using the Ruckus portal to authorize the device but then when we try to browse the internet Smoothwall blocks access due to the local user of the laptop being an unauthorised user. Would we have to use VLans with a separate DHCP server?
I wonder how the traffic is hitting Smoothie... if you want authentication, non-domain users *should* get a popup if they are presented with an ntlm handshake. Is ruckus proxying the traffic first?
You could potentially give "unauthenticated IPs" some very limited web access? You'd lose a bit of visibility though.
We.ve manually set smoothwall as the proxy in the non-domain client, but we don't seem to get a pop-up asking for username/password. Would this be related to the SSL login settings in smoothwall?
Are you using NTLM on the domain?
Smoothwall is set to use NTLM identification.
Last edited by badders; 20-11-2009 at 03:24 PM. Reason: Wrong info
Change it to NTLM authentication and hey-presto! I bet it will work...
Actually... scrap that. NTLM identification should work too...
Last edited by pantscat; 20-11-2009 at 03:44 PM. Reason: Bad advice!
Tried both NTLM authentication and NTLM identifcation, a guest trying to access the internet still gets the unauthenticated ip/ username not allowed. I was expecting a popup box from smoothwall asking for a username password if the logged on account is not located in AD. Is this possible?
OOh... guest.. hmm. If they are not authed, the smoothie would probably pass the "who are ye request" back to the Ruckus box, and it may get filtered there. A tough one.
Maybe we can set this situation up at BETT if we can find an AD. Or perhaps we can borrow a ruckus for 5.
Windows will helpfully return the details of the current user. You will need to use basic authentication to get IE to prompt. We had to run an additional instance of smoothwall due to only being able to use one auth method.
..which we promise to fix ASAP (we're working on it, honest)
You could use the one on the EG stand?Originally Posted by tom_newton
There are currently 1 users browsing this thread. (0 members and 1 guests)
Posting Permissions 
LinkBack URL
About LinkBacks
Reply With Quote