Internet Related/Filtering/Firewall Thread, Bit of help with setting up Bring Your own devices in Technical; Hi, We are just in the process of implementing Bring Your Own Device for our Sixth Form. We have installed ...
1st February 2012, 10:09 AM #1
- Rep Power
Bit of help with setting up Bring Your own devices
Hi, We are just in the process of implementing Bring Your Own Device for our Sixth Form. We have installed Meru wireless access points and we already have 2 Smoothwall UTM 1000 devices.
Obviously what we would need is the students accessing their own wireless network by creating a hotspot on the Meru network and this will be assigned a seperate VLAN from our normal school network.
The bit where I am lacking in experience is the setting up of the Smoothwall device. Reading other posts, it recommends setting up a SSL login page so when they log into the Meru access point the Smoothwall SSL login page appears and they use their normal school username and password. What I am after is assistance or advice in setting up the VLAN, DHCP, SSL Login page and Proxy configuration .pac file on the Smoothwall. Any advice or assistance would be greatly appreciated.
1st February 2012, 11:41 AM #2
Before you start configuring any of this, the very first question to ask is: Do you want Android devices pre-Ice-cream-sandwich to use this hotspot? If so, SSL Login will not work for them as they cannot support the keep-alive connection - when a browser window is closed or superceded the connection is closed. We are working on mobile devices and there are a lot of exciting things going on down in the development dungeon, but at present this is still a limitation of the Android operating system.
If you want Android devices on your network you will need to use an Ident by Location rule and use it to link the location (defined by network range) to a group then configure a bunch of 'Wireless hotspot' policies
You may like to take a look at Kanal von SmoothWallTV - YouTube as I think many of your configuration questions are answered in various videos on there.
1st February 2012, 11:58 AM #3
- Rep Power
Hi, no we will not be allowing mobiles on initially so am looking at just laptops, ipads etc.
1st February 2012, 12:29 PM #4
- Rep Power
Is it possible to get abit more details as the videos do not cover what I need to do?
1st February 2012, 01:01 PM #5
I can provide general advice here but if you want to spend a lot of time with an engineer getting it set up step by step you will need to book in a session via your support contract, if you do not have a support contract you will need to speak to your sales representative who will discuss your options with you. You mention in your original post that you are looking for advice on setting up these features - what sort of advice are you after - best practice, things to avoid, that sort of thing or are you looking for a step-by-step walkthrough (which we cannot do here)?
For example, regarding VLANs - how you set this up will depend entirely on how the VLANs are hosted - do you have a VLAN host going through a switch into a single interface of the Smoothwall or are you wanting the smoothwall to manage your VLAN? If you want to set up a VLAN on the Smoothwall you would do this in networking > interfaces > interfaces, you would select the physical NIC you are using then configure your VLAN tag. This tag would obviously then be used on your managed switch to direct the traffic coming into the Smoothwall (and we cannot physically configure your switch for you, we are only permitted to offer suggestions - you would need to manage this yourself or via your MSP).
You could then apply different authentication methods to each 'virtual interface'. If the traffic is coming in from a managed VLAN host, it will come in on 1 IP to 1 interface and so the smoothwall will only see this as 1 network on this port.
As I said, we can give general advice here but for a step-by-step guide you would need to get this booked in via your support contract. You would also need to provide more specific information about your setup (as demonstrated by the two possible types of VLAN setup) which may not be appropriate to share on a public forum and so I would never ask for this information outside of a support ticket.
1st February 2012, 01:03 PM #6
- Rep Power
Hi, Many thanks for the excellent advice. We do have a full support contract but was not sure that we could get step-by-step walkthrough with that. Now that I know we
can I will arrange a call.
By kennysarmy in forum Internet Related/Filtering/Firewall
Last Post: 24th January 2012, 09:05 PM
By undercover in forum *nix
Last Post: 20th August 2009, 12:35 PM
By tickmike in forum Windows
Last Post: 9th August 2006, 02:08 AM
By tickmike in forum Wireless Networks
Last Post: 13th July 2006, 11:28 PM
Users Browsing this Thread
There are currently 1 users browsing this thread. (0 members and 1 guests)