Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
456
Views
0
Helpful
3
Replies

Security for New Wireless Network

Terence Lockette
Level 1
Level 1

‎12-15-2013 04:24 PM - edited ‎07-04-2021 01:26 AM

Hello all,

I'm in the process of planning, designing, and deploying a new wireless network.  This new wireless network will be for guest access only in residential buildings for the families of our patients that stay for an extended period of time.  I have a 2504 WLC that will manage roughly 42 LWAPs.  I would like to use 802.1x with PEAP either locally on the WLC or on a AAA RADIUS server.  The problem I'm having is trying to determine whether to use the dot1x framework due to the possibility of some BYODs not supporting it.  My initial thought was to use 802.1x with PEAP to secure/encrypt user traffic at layer 2 then use Web Auth to take them to a portal page (not sure if this can actually be done).  However, if I have to concern myself with devices that don't support 802.1x then I would have to resort to another security method or use no security and just use Web Auth.  Any ideas as to what solution I can use to keep our guests communications secure as well as redirect them to a portal page to accept an AUP and log in with an ID/Password combination?  Thanks!

Regards,

Terence

Labels:
0 Helpful
3 Replies 3

George Stefanick
VIP Alumni
VIP Alumni

‎12-15-2013 05:02 PM

I understand your concern. I work in healthcare and manage a large wifi network in the Texas Medical Center. While you can do 802.1X and aup it has it's challenges because of byod. A guest network is suppose to be ease of access which is either an open network or a open network with aup. But understanding you want to secure the users transmissions. You will need to choose open and full support of byod or 802.1X and possible limitation.

Also keep in mind 802.1X has client count limitations.

Sent from Cisco Technical Support iPad App

"Satisfaction does not come from knowing the solution, it comes from knowing why." - Rosalind Franklin
___________________________________________________________
0 Helpful

Leo Laohoo
Hall of Fame
Hall of Fame

‎12-15-2013 05:32 PM

What I don't understand is if the APs will be installed in temporary residences for families of patients, why do you need 802.1x for?

0 Helpful

Terence Lockette
Level 1
Level 1

‎12-16-2013 10:44 AM

Thanks guys,

I got my answer today regarding this question.  It looks like we're not interested in securing guest wireless Internet access.  So we're going to use a Web Auth to a captive portal with an AUP before redirecting them to their requested Web site.  Thanks again for your responses.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card