Internet Related/Filtering/Firewall Thread, Guest Wireless Advice in Technical; Iím after a bit of advice. Our school letís pupils bring in their own laptops to work on if required, ...
14th December 2010, 01:27 PM #1
Guest Wireless Advice
Iím after a bit of advice. Our school letís pupils bring in their own laptops to work on if required, likewise staff like connecting there iPhones etc, to the wireless. For this reason we use Cisco access points. The 4410N which supports up to 4 SSIDS.
We have 2 SSIDS being broadcast Ė 1 called school which is secured using WPA2 and is on the default VLAN which we use for trusted school devices. The other SSID is called open- and is open and is tagged on a VLAN and at present goes nowhereÖ..
What we want to do it take the VLAN so that when users connect to it they are presented with a webpage to login with their school credentials. Ideally the product needs to be free and not require them to set a proxy on their computers.
I've attached an image of what I'm trying to achieve - hopefully it will clear it up a bit!
IDG Tech News
14th December 2010, 01:28 PM #2
You need to setup WPA2-Enterprise with and make one of your DCs a RADIUS server - theres a few guides here on here if you run a quick search.
14th December 2010, 02:32 PM #3
we have done something similar, i used a linux box two lan cards one on our lan one on the open vlan with Apache to host the wpad.dat DHCP to give out addresses and Squid to act as a proxy all requests were forwaded to proxy.swgfl.org.uk. you could get the squid box to act as a transparent proxy though i never got this to work. by having the wpad file if detect settings automatically is ticked it works. in Squid you can set up the ACLs to require authentication against an AD group.
29th December 2010, 06:03 PM #4
- Rep Power
I provide guest access using a box running pfSense (really a VM), it has an external connection and one to the guest/visitor VLAN.
I'm using pfsense 2.0, it's setup to authenticate against AD and has squid running in transparent mode with an upstream proxy configured. The Captive Portal service prompts users for their AD login, all seems to work well
3rd March 2011, 04:12 PM #5
Hi Natm could you give me some instructions on how you set this up as we are struggling to get Pfsence to work without the cd thanks in advance
By nephilim in forum Internet Related/Filtering/Firewall
Last Post: 7th November 2010, 10:28 PM
By mickeyh080 in forum Wireless Networks
Last Post: 12th August 2010, 11:08 AM
By nicholab in forum Wireless Networks
Last Post: 9th October 2009, 09:27 AM
By steveo2000 in forum Internet Related/Filtering/Firewall
Last Post: 19th March 2009, 06:41 PM
Users Browsing this Thread
There are currently 1 users browsing this thread. (0 members and 1 guests)