Wireless Networks Thread, effortless guest wifi in Technical; One of our SMT goes to mcdonalds and gets on free wireless without having to mess around with wpads or ...
9th May 2013, 11:16 AM #1
effortless guest wifi
One of our SMT goes to mcdonalds and gets on free wireless without having to mess around with wpads or proxy urls and wants to know why we can't have such an effortless system here.
Obviously McD have some kind of transparent proxying going on.
Currently our setup is wpad/pac.
We tried transparent proxy before wpad but ssl didn't work and getting round that seemed to involve dodgy Man-in-the-middle decrypting packets.
So I'm wondering what commercial solutions exist for transparent proxies?
IDG Tech News
9th May 2013, 11:46 AM #2
We used a Smoothwall UTM that did that just fine with Ruckus managed wireless. We had a guest portal to hold things secure from the students so that was a passkey but that was all we had once through that it just worked and was fine.
9th May 2013, 12:02 PM #3
What switches and proxy server do you have? You could look at Cisco WCCP.
9th May 2013, 01:01 PM #4
3com switches with a debian proxy.
Originally Posted by FN-GM
14th May 2013, 03:22 PM #5
I gave up on smoothwall express. It didn't work and I had no idea why and no idea how to find out.
I went back to our self built wpad proxy and figured out how to make transparency work, ssl too.
although seems there's a problem with app store...
14th May 2013, 04:07 PM #6
Try endian firewall. It's a turnkey dans guardian based firewall/proxy.
14th May 2013, 04:16 PM #7
turn off all the school security and bingo SMT have what they need. Probably not such a good idea working on student data from McD's.
14th May 2013, 04:16 PM #8
We did it in Smoothwall, we now do it with Lightspeed
14th May 2013, 04:29 PM #9
We do it here too, 2 vlans, one is guest - goes to a smoothwall with transparent authentication, the guest ssid is just open, basic filtering on the smoothwall - not ideal but it works.
15th May 2013, 10:00 AM #10
I have just thought, no we don't. We do it with Ruckus. Not sure where my brain was when i posted the above. Ruckus deals with our guest pass generation and login page for users. Lightspeed just deals with the filtering on the SSID / VLAN.
Originally Posted by RTFM
Heads a shed.
15th May 2013, 10:09 AM #11
All you need is pfsense, its also got Proxying like Dansguardian and squid and it has captive portal. Have used it in cafe's and the likes myself! Piece of cake to configure and easy to manage as it looks just like a normal router interface.
Last edited by cpjitservices; 15th May 2013 at 10:12 AM.
15th May 2013, 10:33 AM #12
I was thinking of setting up an un-routable Vlan and sticking a domestic adsl broadband router onto it. That way I'm not using my £6000 BB connection so people can view youtube videos. I could still use opendns if filtering was an issue.
15th May 2013, 10:43 AM #13
Thanks to jinnantonnixx from:
chazzy2501 (15th May 2013)
15th May 2013, 04:11 PM #14
Do you use an upstream cache peer for filtering? I was building a Squid proxy for this very purpose and found out there is a bug in Squid that when using SSL bumping with a cache peer it will actually send SSL traffic to the cache peer unencrypted. After reading that I gave up on the project as it was a deal breaker. I don't know if it has been fixed yet.
Originally Posted by browolf
By Frank99 in forum Wired Networks
Last Post: 2nd April 2013, 02:46 PM
By chazzy2501 in forum Internet Related/Filtering/Firewall
Last Post: 16th May 2012, 04:01 PM
By mattpant in forum Wireless Networks
Last Post: 6th February 2012, 11:46 AM
By djones in forum Wireless Networks
Last Post: 28th October 2010, 11:36 PM
Users Browsing this Thread
There are currently 1 users browsing this thread. (0 members and 1 guests)