+ Post New Thread
Page 2 of 2 FirstFirst 12
Results 16 to 24 of 24
Wireless Networks Thread, Ruckus, Smoothwall & Radius in Technical; Fingers crossed....
  1. #16
    rob_coles's Avatar
    Join Date
    Mar 2007
    Location
    Hull
    Posts
    104
    Thank Post
    15
    Thanked 13 Times in 9 Posts
    Rep Power
    18
    Fingers crossed.

  2. #17

    Join Date
    May 2011
    Location
    York
    Posts
    51
    Thank Post
    0
    Thanked 3 Times in 3 Posts
    Rep Power
    7
    Between removing the proxy.pac for the wifi network and upgrading my ZD1000 to a ZD1100 ive got this working.

    Only thing that i'm struggling with is windows laptops wont connect without manually importing the WPA enterprise CA Certificate from the smoothwall. This is a BYOD headache, the easiest option would be to purchase a legitimate CA trusted certificate im struggling to find were to do this??

  3. #18
    timbo343's Avatar
    Join Date
    Dec 2005
    Location
    Leeds/York area, North Yorkshire
    Posts
    3,017
    Thank Post
    304
    Thanked 288 Times in 200 Posts
    Rep Power
    120
    @stgoodyeara ive tried this and failed with the smoothwall and ruckus to get authentication obto the ssid.

    If it set ruckus to look at the smoothwall as a radius server (cant remember exacy what the options weee but tried all sorts before today) and try to put say year2008 into the post16 group so they can only access the post16 ssid or only allow the staff group from ad to access the staff ssid and test the authentication, the test fails had reports that the members are in the default group.

    Ive been onto smoothwall about this and they say that an update is been tested for this problem.

  4. #19

    Join Date
    May 2011
    Location
    York
    Posts
    51
    Thank Post
    0
    Thanked 3 Times in 3 Posts
    Rep Power
    7
    @timbo343 I've achieved the authentication I'm looking for, sounds like your system is mentally complicated. I just have a single ssid that any student can authenticate with, they are then filtered according to the ad credentials supplied to the radius server.

    My remaining issue is that windows 7 laptops are very strict when it comes to 802.1x authentication. Windows 7 won't even entertain a connection to a radius server that isn't providing a valid ssl certificate, you can work around this on domain controlled PCs by using GP to add the smoothwall 802.1x certificate into the trusted authority on the computer. Even then it still moans abit when you connect for the 1st time. The issue is on a BYOD model I don't want to be messing around pushing certs onto student devices that we don't manage. Smoothwall have provided a guide on doing this, it's page 305 of this guide but as you can image a standard user isn't gonna achieve this

    http://www.smoothwall.com/media/1145...wall-admin.pdf

    So my remain query if anyone can answer it is: can I replace the 802.1x cert in the WPA enterprise section of the smoothwall for a purchased trusted CA cert to appease Bill Gates and his cronies

  5. #20
    timbo343's Avatar
    Join Date
    Dec 2005
    Location
    Leeds/York area, North Yorkshire
    Posts
    3,017
    Thank Post
    304
    Thanked 288 Times in 200 Posts
    Rep Power
    120
    Ahhh i see, at the moment im only wanting post16 to access the wireless so dont want the rest of the students to gain access.

    As to your question, i guess so yeah but maybe @CJF or @tom_newton might be able to help)

  6. #21

    Join Date
    May 2011
    Location
    York
    Posts
    51
    Thank Post
    0
    Thanked 3 Times in 3 Posts
    Rep Power
    7
    That seems achievable to me. I'd just put a web filtering rule to block all students except post 16 when they are connecting on the ip range that assigned to the ssid.

  7. #22
    truebluesteve's Avatar
    Join Date
    Jan 2008
    Posts
    366
    Thank Post
    48
    Thanked 45 Times in 37 Posts
    Rep Power
    21
    Quote Originally Posted by stgoodyeara View Post
    @timbo343 I've achieved the authentication I'm looking for, sounds like your system is mentally complicated. I just have a single ssid that any student can authenticate with, they are then filtered according to the ad credentials supplied to the radius server.

    My remaining issue is that windows 7 laptops are very strict when it comes to 802.1x authentication. Windows 7 won't even entertain a connection to a radius server that isn't providing a valid ssl certificate, you can work around this on domain controlled PCs by using GP to add the smoothwall 802.1x certificate into the trusted authority on the computer. Even then it still moans abit when you connect for the 1st time. The issue is on a BYOD model I don't want to be messing around pushing certs onto student devices that we don't manage. Smoothwall have provided a guide on doing this, it's page 305 of this guide but as you can image a standard user isn't gonna achieve this

    http://www.smoothwall.com/media/1145...wall-admin.pdf

    So my remain query if anyone can answer it is: can I replace the 802.1x cert in the WPA enterprise section of the smoothwall for a purchased trusted CA cert to appease Bill Gates and his cronies
    I have the same problem, and its a proper pain in the backside so I would like to know the solution too. Adding it manually works but is hardly convenient!

  8. #23

    Join Date
    May 2011
    Location
    York
    Posts
    51
    Thank Post
    0
    Thanked 3 Times in 3 Posts
    Rep Power
    7
    @truebluesteve

    My LA support our smoothwall for us. They have reported that smoothwall themselves can put a real-world certificate onto the radius for us. They have created me a server certificate request and email it to me with the instruction to use it to purchase a real-world cert and send it back to them and they will import it for me.

    ill report back if it works.

  9. #24
    truebluesteve's Avatar
    Join Date
    Jan 2008
    Posts
    366
    Thank Post
    48
    Thanked 45 Times in 37 Posts
    Rep Power
    21
    That would be great - had a student with a Windows laptop yesterday and while it didn't take long to install, it seems a long winded way of doing it!

SHARE:
+ Post New Thread
Page 2 of 2 FirstFirst 12

Similar Threads

  1. Ruckus + Smoothwall + guest access - Idiots guide needed
    By sparkeh in forum Wireless Networks
    Replies: 7
    Last Post: 5th December 2013, 09:36 AM
  2. Yet another Ruckus->Smoothwall thread!
    By truebluesteve in forum Wireless Networks
    Replies: 6
    Last Post: 18th April 2013, 06:09 PM
  3. Ruckus, Smoothwall and guest access
    By Sheridan in forum Wireless Networks
    Replies: 23
    Last Post: 12th April 2013, 09:27 AM
  4. Replies: 0
    Last Post: 18th September 2012, 09:56 AM
  5. SSL Certs - Ruckus & SmoothWall Devices.
    By MYK-IT in forum Wireless Networks
    Replies: 21
    Last Post: 24th May 2012, 04:38 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •