Sorry to cross post but I think posting this in the 'Getting Started' section was a mistake as this is a pretty advanced (for me at least) configuration.
Thanks in Advance.
Board Office: Cisco 3750 Catalyst (HP 2600 switches)
High Schools: Cisco 2851 ISR (HP 2524 switches)
Elementary Schools: Cisco 2811 ISR (HP 2524 switches)
Agency Offices: Cisco 1812 ISR (HP 2524 switches)
Cisco ASA 5510
Cisco Secure ACS 4.1 Appliance
(These 2 boxes are new and just setup for VPN access at this time)
Each School has its own Domain/Forest with no trusts or knowledge of the others.
Each School has 2 subnets in the 10.X.1.1 / 16 range (Admin / Curric) no VLANs today.
Currently we have about 200 autonomous WAP's Cisco 1131 and 1200's
We are rolling out wireless and guest access to all schools and will have approx 600 WAPs
We are looking at getting the following:
Catalyst 6509E WiSM Bundle w/ 2nd WiSM
Wireless Guest Controller 4400 Series
Wireless Control System (WCS)
Access Points 1131 LWAPPs
I have some serious concerns because of our Active Directory structure being autonomous at each school, how can I authenticate centrally? Which protocol should I use? I would be willing to use one account for all of our Board owned laptops, ideally with these credentials entered before the laptops are imaged.
For the guest access we would like the teachers / students to enter Employee ID or Student Number to gain access, how should I handle that?
I was told that all of the laptops are going to be on one subnet, no matter which location they are at. I can live with that but it would have been nicer if they had the same subnet as the school they are in.
Any help, suggestions, links to other forums or articles would be appreciated. I am feeling overwhelmed at this point.