
Wireless access for visitors

patrick.lopez
Level 2

Can someone suggest the best way to set up wireless access for visitors (non-company employees), internet access only? We would like to secure the access point so only permitted visitors could attach to the AP with the least administrative effort.

I was thinking two access points. One using PEAP or LEAP to authenticate our employees. The other for the visitors. We could use access lists to permit only web traffic but I am not sure about the security set up for this situation. Something that is not a lot of administrative effort but secure. Is there such a solution?

How does McDonalds do it?

Thanks

PL

6 Replies

c.tenley
Level 2

You could use only one AP if they are Aironet APs. A simple solution would be to create two VLANs, one for employees, that uses PEAP or LEAP, and a guest VLAN, that is open. Create an ACL (Access Control List) on your switch/routers that the AP is connected to that only permits the guest VLAN to point towards your internet gateway. Here is a link on how to set up multiple VLANs:

http://www.cisco.com/univercd/cc/td/doc/product/wireless/airo_350/accsspts/ap350scg/ap350ch4.htm
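
The guest-VLAN ACL described in the reply above could look like the following on the Layer 3 switch or router behind the AP. This is an added example, not part of the original post: the VLAN ID, the guest subnet, the DNS resolver address and the choice to block all RFC 1918 space as "internal" are assumptions.

```cisco
! Added example. All addresses and the VLAN ID are assumptions:
!   guest VLAN 20 = 192.168.20.0/24, gateway 192.168.20.1
!   DNS resolver  = 192.0.2.53 (placeholder address)
ip access-list extended GUEST-IN
 remark Allow DHCP requests from guest clients
 permit udp any eq bootpc any eq bootps
 remark Allow DNS only to the designated resolver
 permit udp 192.168.20.0 0.0.0.255 host 192.0.2.53 eq domain
 permit tcp 192.168.20.0 0.0.0.255 host 192.0.2.53 eq domain
 remark Block guests from every private (internal) range
 deny   ip 192.168.20.0 0.0.0.255 10.0.0.0 0.255.255.255
 deny   ip 192.168.20.0 0.0.0.255 172.16.0.0 0.15.255.255
 deny   ip 192.168.20.0 0.0.0.255 192.168.0.0 0.0.255.255
 remark Web traffic to the internet only
 permit tcp 192.168.20.0 0.0.0.255 any eq www
 permit tcp 192.168.20.0 0.0.0.255 any eq 443
 remark Log everything else that guests attempt
 deny   ip any any log
!
interface Vlan20
 description Guest wireless
 ip address 192.168.20.1 255.255.255.0
 ip access-group GUEST-IN in
```

The internal-range denies come before the web permits so that a guest cannot reach an intranet web server on port 80 or 443. The ACL limits where guest traffic can go; it does not decide who may associate with the open SSID.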

Thanks,

That much I understand.

I was trying to avoid just any visitor connecting or strangers nearby connecting and using my internet bandwidth.

Any way around this problem?

Thanks

PL

I would still do what c.tenley suggested but you could also put a MAC filter on the AP. Only cards that are on your list can pass traffic. True, you have to get the MAC address from the visitor and put it on the list but I don't see any other way to accomplish what you want.

That's what I thought. I wanted to post it to get some feedback.

I am curious how McDonalds is going to set this up.

I read that they are going to be selling 1 hour access times for $3.

Are they going to input each MAC address?

PL

See link below:

http://www.mcdonalds.com/countries/usa/whatsnew/pressrelease/2003/03112003/index.html

No. What I hear is that they will be using some form of username/password authentication. No MAC filter. You pay your money and they give you a receipt with the info.

I think they use BBSM, so you could also use a BBSM for your problem:

http://www.cisco.com/en/US/products/sw/netmgtsw/ps533/ps3987/index.html

bernhard
