+ Post New Thread
Results 1 to 6 of 6
Internet Related/Filtering/Firewall Thread, Guest wireless access in Technical; We wish to set up guest access to our wireless network in such a way that students can access the ...
  1. #1

    Join Date
    Sep 2007
    Posts
    181
    Thank Post
    4
    Thanked 2 Times in 2 Posts
    Rep Power
    15

    Guest wireless access

    We wish to set up guest access to our wireless network in such a way that students can access the internet from their own devices without seeing anything else on the school network. We have set this up a second, unsecured SSID on our Ruckus wireless controller.

    I assume we somehow need to configure a second DHCP server to issue IP addresses to guest devices in a different range from the school domain. Unfortunately the wireless controller cannot do this itself.

    Does anyone have any experience of this and have any suggestions on how it can be achieved?

    Thanks

  2. #2
    White_Fi's Avatar
    Join Date
    Sep 2008
    Location
    Ipswich
    Posts
    188
    Thank Post
    7
    Thanked 34 Times in 32 Posts
    Rep Power
    33
    Hi jwood, you can achieve this by using a layer3/4 ACL, or change the WLAN isolation to full.

    By setting the WLAN isolation to full this will apply the L3/4 ACL fromthe guest settings to the WLAN, plus prevent client to client traffic over te AP.

    This is configurable under guest access. By default the ZD will deny access to the subnet in which the ZD lives and all the other private ranges(192.169.x.x/16 etc). The are however 3 allow rules that you cannot see.
    These are allow DNS and DHCP on the broadcast and access to te default GW on all ports. So if you have a proxy or a different GW for the clients to hit then you will need to had this to the list, at the top.

    The other way is to create a L3/4 ACL is by going to access control on the ZD and and creating the ACL that is relevant then back to the WLAN in question and applying it under advance settings.

    This is subject to the code running on your ZD.

    You will heed to be on at least 8.2 in order to have both options avaliable to you.

    If you are on anything below, PM me.

    Sorry for spelling mistakes, on my phone.

    Thanks
    Stuart

  3. #3

    Join Date
    Sep 2007
    Posts
    181
    Thank Post
    4
    Thanked 2 Times in 2 Posts
    Rep Power
    15
    Stuart, thanks for the information. I'll have a go at it this week and will hopefully get something sorted.

  4. #4

    Join Date
    Jan 2008
    Location
    South West
    Posts
    1,826
    Thank Post
    217
    Thanked 268 Times in 217 Posts
    Rep Power
    68
    If you offer guest WiFi you'll in effect become an ISP? You'll get it in the neck for all violations commited on that wifi, Copyright etc. Am I wrong?

  5. #5
    Duke5A's Avatar
    Join Date
    Jul 2010
    Posts
    819
    Thank Post
    84
    Thanked 136 Times in 116 Posts
    Blog Entries
    8
    Rep Power
    32
    We run Cisco wireless controllers here. Our guest WIFI access was setup as a segregated VLAN using a private class C address scheme. The controllers themselves will do DHCP, but we needed something more configurable so that would could set options in the DHCP scope. I whipped up a CLI install of Ubuntu with DHCP and Apache, and plugged it into the core switch with the port set to the guest WIFI VLAN. The entire point was to have a setup in place that could do automatic proxy detection for guest users since our guest WIFI requires proxy settings.

  6. #6
    atamakosi's Avatar
    Join Date
    Jun 2011
    Posts
    110
    Thank Post
    7
    Thanked 11 Times in 9 Posts
    Rep Power
    14
    Our school also is using a Ruckus setup. The issue i've had concerns guest wireless access and our proxy server. When explaining to a user what I am changing their internet options and that they will need to disable the proxy settings when finished, they usually end up saying forget it. Has anyone else figured out a solution for Ruckus ZD to either bypass the proxy or provide proxy detection for guests like Duke5A has?



SHARE:
+ Post New Thread

Similar Threads

  1. ruckus guest wireless
    By nephilim in forum Internet Related/Filtering/Firewall
    Replies: 2
    Last Post: 7th November 2010, 11:28 PM
  2. VLAN for Guest Wireless
    By mickeyh080 in forum Wireless Networks
    Replies: 6
    Last Post: 12th August 2010, 12:08 PM
  3. HP msa750 wireless guest access?
    By nicholab in forum Wireless Networks
    Replies: 0
    Last Post: 9th October 2009, 10:27 AM
  4. Wireless Guest Access for PDA's,Laptops,IPhones using VLAN
    By steveo2000 in forum Wireless Networks
    Replies: 15
    Last Post: 28th July 2009, 12:07 PM
  5. Wireless Guest Access
    By steveo2000 in forum Internet Related/Filtering/Firewall
    Replies: 9
    Last Post: 19th March 2009, 07:41 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •