Providing Internet Access over a Private Secured Wireless Network

Unanswered Question
Apr 24th, 2007

Hope someone can help with this. I manage a small nursing home and I'm looking to provide my residents with internet access both via network and wireless. We use Cisco 1800 Routers, 1131AG Wireless AP's via POE from the routers on a Windows 2003 Network.

Currently our wireless is only for our internal use only, using WPA with a Radius Server (i.e for Med Carts, Laptops, etc) but I would like to provide a secure way of delivering Internet Access over the same network to our residents. Is this possible with my current equipment?

Hope I explained things clearly enough.

Any ideas would be a great help!



I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
scottmac Tue, 04/24/2007 - 17:14

It shouldn't be too hard. The 1800 series is very competent for WAN speeds (DSL, Broadband, T1 ...)

You may need to upgrade your router IOS to include the new firewall software (preferred, it's an excellent firewall), or just put it behind a SOHO router ...

What kind of Internet access are you planning (DSL, Cable Broadband, T1 ...)?

Does your office already have Internet that you're going to share with the residents, or are you going to put in dedicated access for the residents (usually preferred for security reasons)?

For the wireless side, there are a few options, depending on your budget, and the devices you are connecting. You could go with something as simple as WPA/WPA2, if all of the devices support it, you could put in a "captive portal" ... which forces the user to a web page that can be as simple as just procaliming policy and requiring acknowledgement, or use it for full authorization.

SO, if you could fill us in on some of the details, and maybe offer your preferred level of security & such... it would be helpful.

Good Luck


salterinc Wed, 04/25/2007 - 04:49

We have Broadband 6Mbps/1Mbps. The routers are running the latest ios with firewall enabled.

No, we do not have internet access for our residents at this time, the network is only setup for business use. I would hate to add additional access points just for the residents. I was hoping to possibly use the same network, but maybe on a different VLAN. Just a thought.

Right now, our wireless is setup using wpa, w/radius allowing only Domain Computer accounts to connect to it.

Ideally, I would like residents to be able to authenticate and then get access. Your description of a "captive portal" sounds interesting. Would they be on the same logical subnet or would I need to setup a different VLAN and is that even possible with the 1131AG's? I know I can with the 1800 Router.

Subnet 192.168.1.x


Thanks again, and please let me know if you need any other info. Your help in steering me in the right direction is greatly appreciated.




This Discussion