I have created a subinterface for a wireless-only subnet on an ASA. This is also providing the DHCP for the wireless subnet.
Now I would like to bring wireless users in as securely as possible, within the constraints of the network infrastructure.
On AP (AP will be locked down as securely as possible):
1/ Don't broadcast SSID.
2/ WPA2 authentication, pre-shared key.
3/ Implement MAC address filtering (for when people give their friends the pre-shared key).
On ASA:
4/ Create Remote Access VPN group with AD authentication.
5/ Create firewall rules to restrict access as required.
What I need to know is this.
I want the traffic to have to authenticate at point 4/ before continuing through the ASA at point 5/.
Is this possible?