Smoothwall/Ruckus guest WLAN

**badders** · 20th November 2009, 11:06 AM

Is anybody using Smoothwall and Ruckus and managed to get a guest WLAN working. We have no problem setting up a school WLAN for domain attached devices, but would like to enable students to use their own laptops to access the internet by authenticating against thier AD account. We've got as far as setting up another WLAN for students that asks for authentication using the Ruckus portal to authorize the device but then when we try to browse the internet Smoothwall blocks access due to the local user of the laptop being an unauthorised user. Would we have to use VLans with a separate DHCP server?

**tom_newton** · 20th November 2009, 11:37 AM

I wonder how the traffic is hitting Smoothie... if you want authentication, non-domain users *should* get a popup if they are presented with an ntlm handshake. Is ruckus proxying the traffic first?

You could potentially give "unauthenticated IPs" some very limited web access? You'd lose a bit of visibility though.

**badders** · 20th November 2009, 01:51 PM

We.ve manually set smoothwall as the proxy in the non-domain client, but we don't seem to get a pop-up asking for username/password. Would this be related to the SSL login settings in smoothwall?

**tom_newton** · 20th November 2009, 03:40 PM

Are you using NTLM on the domain?

**badders** · 20th November 2009, 04:23 PM

Smoothwall is set to use NTLM identification.

**pantscat** · 20th November 2009, 04:33 PM

Change it to NTLM authentication and hey-presto! I bet it will work...

Actually... scrap that. NTLM identification should work too...

**badders** · 1st December 2009, 10:00 AM

Tried both NTLM authentication and NTLM identifcation, a guest trying to access the internet still gets the unauthenticated ip/ username not allowed. I was expecting a popup box from smoothwall asking for a username password if the logged on account is not located in AD. Is this possible?

**tom_newton** · 1st December 2009, 03:31 PM

OOh... guest.. hmm. If they are not authed, the smoothie would probably pass the "who are ye request" back to the Ruckus box, and it may get filtered there. A tough one.

Maybe we can set this situation up at BETT if we can find an AD. Or perhaps we can borrow a ruckus for 5.

**DMcCoy** · 1st December 2009, 03:43 PM

Windows will helpfully return the details of the current user. You will need to use basic authentication to get IE to prompt. We had to run an additional instance of smoothwall due to only being able to use one auth method.

**tom_newton** · 1st December 2009, 05:24 PM

..which we promise to fix ASAP (we're working on it, honest

)

**Edu-IT** · 1st December 2009, 08:48 PM

Originally Posted by tom_newton

OOh... guest.. hmm. If they are not authed, the smoothie would probably pass the "who are ye request" back to the Ruckus box, and it may get filtered there. A tough one.

Maybe we can set this situation up at BETT if we can find an AD. Or perhaps we can borrow a ruckus for 5.

You could use the one on the EG stand?

LinkBack

Thread Tools

Search Thread

Smoothwall/Ruckus guest WLAN

Similar Threads

RUCKUS help - Guest access & the internet via Proxy

Ruckus Managed Wireless Causing A Ruckus!

Caretakers wlan

WLAN suggestions

Thread Information

Users Browsing this Thread

Tags for this Thread

Posting Permissions