Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations IamaSherpa on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

wireless access

Status
Not open for further replies.
dupas

dupas

Technical User
Aug 19, 2006
79
US
I work in an environement of about 120 employees...
I want to have the capabilities of bringing a laptop into a conference room and having access to our network/internet during a meeting. I also want clients to be able to have access only to the internet on their laptops too.

For the amount of people I would have to say maybe 5-8 at one time, no more than 20 ever.

I would like to secure it so no outsider can hit the network.

How can I go about doing this? What piece of equipment do I need to purchase for a medium size company?
 
Sort by date Sort by votes
Depends on the geographical size of your network and what you want to do in terms of reports, blocking, security etc.

I have one wee 3Com office connect that serves me for 33,000 sqr feet with excellent signal and diminishes after that.

If you block outsiders using it then you need to encrypt it but if you want visitors to be able to connect to it without issue then you need to leave it open. Or come up with a way of publicising the encryption key.

I would recomend 2:
1 for internal users
1 for visitors

Use non-broadcasting SSID for internal users with as much security that your Wireless adapters can handle and make this networked. (Even if this is hacked the person hacking still needs to get past your windows security to access anything).

Stick the second one out in your DMZ or striaght on the internet and either leave this open - means ANYONE can access it - or leaving it broadcasting the Sid and distribute the encryption key to certain people who will have visitors needing access or insist visitors contact you to come and install the key.

Iain
 
Upvote 0 Downvote
You really want your internal (private) wireless network to use WPA2, don't broadcast the ssid and 802.1x authentication. This should provide you with strong protection. Some Wireless Access Points allow you to do both the private and the public wireless on the same access point and split the traffic using VLAN's.

Dan
 
Upvote 0 Downvote
at a min.. use WPA with a preshared key..

dont use the default ssid.. turn broadcasting off (even though this does not disable beaconing)..

We use a reservation DHCP server with Fluke monitoring software to make sure that no one sneaks on with a static configured node. But I would imagine this depends on how you currently have your node addressing setup.

I would go with a subnet or a vlan where the AP is internet only if you want to go that route...
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

smittywes38
  • Locked
  • Question
Unable to print to wireless printer connected to VPN
Replies
0
Views
144
smittywes38
smittywes38
DenisTz
  • Locked
  • Question
Wireless Management software
Replies
0
Views
162
DenisTz
DenisTz
mwiinde
  • Locked
  • Question
How to Send Data Packet From Ms Access 2016 to Rs 232 Serial Port
Replies
0
Views
167
mwiinde
mwiinde
DrJorde
  • Locked
  • Question
No wireless receiver detected on your computer message after plugging in a USB3 1
Replies
3
Views
517
DrJorde
DrJorde
kythri
  • Locked
  • Question
Cisco 4404/WiSM (1st generation) - Guest Wireless Help
Replies
0
Views
117
kythri
kythri

Part and Inventory Search

Sponsor

Back
Top