+ Post New Thread
Results 1 to 5 of 5
*nix Thread, student laptop proxy in Technical; setting up a debian proxy for students personal laptops on a vlan. 2 nic job 1 > vlan, the other ...
  1. #1
    browolf's Avatar
    Join Date
    Jun 2005
    Location
    Mars
    Posts
    1,524
    Thank Post
    106
    Thanked 88 Times in 74 Posts
    Blog Entries
    46
    Rep Power
    40

    student laptop proxy

    setting up a debian proxy for students personal laptops on a vlan. 2 nic job 1 > vlan, the other > router
    was figuring i'd do

    squid
    dhcp
    dns
    some kind of firewall thing
    maybe automatic config script for browser settings.

    just setting up dhcp and thinking if i dont allocate addresses I can just have reservations as an additional layer of security but maybe there's better ways? mac filter on firewall software perhaps

    what do you think?

  2. #2

    powdarrmonkey's Avatar
    Join Date
    Feb 2008
    Location
    Alcester, Warwickshire
    Posts
    4,859
    Thank Post
    412
    Thanked 777 Times in 650 Posts
    Rep Power
    182
    Quote Originally Posted by browolf View Post
    setting up a debian proxy for students personal laptops on a vlan. 2 nic job 1 > vlan, the other > router
    was figuring i'd do

    squid
    dhcp
    dns
    some kind of firewall thing
    maybe automatic config script for browser settings.
    Sounds fine.

    just setting up dhcp and thinking if i dont allocate addresses I can just have reservations as an additional layer of security but maybe there's better ways?
    Nah-ah. Not having a reservation doesn't stop somebody using a static IP in the right subnet; this is just obscurity.

    mac filter on firewall software perhaps
    Perhaps. But if your access points and switches support it, you would be better with RADIUS in MAC-login mode. Then only approved machines can even connect to the APs.

  3. #3
    browolf's Avatar
    Join Date
    Jun 2005
    Location
    Mars
    Posts
    1,524
    Thank Post
    106
    Thanked 88 Times in 74 Posts
    Blog Entries
    46
    Rep Power
    40
    Quote Originally Posted by powdarrmonkey View Post
    Sounds fine.



    Nah-ah. Not having a reservation doesn't stop somebody using a static IP in the right subnet; this is just obscurity.



    Perhaps. But if your access points and switches support it, you would be better with RADIUS in MAC-login mode. Then only approved machines can even connect to the APs.

    the wireless ap controller switches already have mac filters and a 26 char security key and maybe other stuff. my boss and the original equipment seller are dealing with that. i was figuring security + obscurity hehe

  4. #4

    powdarrmonkey's Avatar
    Join Date
    Feb 2008
    Location
    Alcester, Warwickshire
    Posts
    4,859
    Thank Post
    412
    Thanked 777 Times in 650 Posts
    Rep Power
    182
    In that case, it's extra administrative overhead that you don't need.

  5. #5
    browolf's Avatar
    Join Date
    Jun 2005
    Location
    Mars
    Posts
    1,524
    Thank Post
    106
    Thanked 88 Times in 74 Posts
    Blog Entries
    46
    Rep Power
    40
    fair enough I'll just have it allocating addresses. cheers.

SHARE:
+ Post New Thread

Similar Threads

  1. If every student had a laptop......
    By broc in forum Hardware
    Replies: 27
    Last Post: 24th July 2012, 12:36 PM
  2. Student laptop connection to network
    By RoyG in forum School ICT Policies
    Replies: 35
    Last Post: 4th November 2009, 08:23 AM
  3. Student proof laptop?
    By MGSTech in forum BETT 2014
    Replies: 22
    Last Post: 16th January 2009, 09:01 PM
  4. Locking down student laptop
    By richard.thomas in forum How do you do....it?
    Replies: 17
    Last Post: 1st December 2007, 08:54 AM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •