Steps needed for Guest access / self-provisioning accounts

Answered Question
May 14th, 2009

I am getting a bit overwhelmed with information regarding the set up of guest users on the Wireless network, and have a couple questions that I was hoping the community would answer.

I'm running a WiSM on software version 4.2, as well as a WCS on the same version.

1. Is it possible to have accounts created by the users themselves after they associate to the wireless network? If so, what needs to be done to set this up?

2. Does a special VLAN need to be created for guests to use?

I have this problem too.
0 votes
Correct Answer by JASON BOYERS about 7 years 8 months ago

For the first question, if you want more than users putting in an email address for tracking purposes, Fella5 is right on.

To answer the second question, you don't technically need a special VLAN for guest users. In most cases, however, you should have one to better apply security settings in your network to guests. In our office, with 10 people, we are using the same subnet for internal data, voice, and guests. However, we are using 3 different SSIDs with different security policies and QoS policies applied to them. And, the guest SSID has an ACL applied to it to limit traffic to the Internet only. When you're given a /27 subnet to work with, you make do :)

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (2 ratings)
Loading.
jpeterson6 Tue, 05/19/2009 - 08:49

Any feedback on this?

I have heard that it's possible to set up self-provisioning so that a guest can have temporary access, but I am unable to find any documentation to support this.

It's leading me to assume that it's not possible, however some confirmation would be greatly appreciated.

Correct Answer
JASON BOYERS Tue, 05/26/2009 - 19:43

For the first question, if you want more than users putting in an email address for tracking purposes, Fella5 is right on.

To answer the second question, you don't technically need a special VLAN for guest users. In most cases, however, you should have one to better apply security settings in your network to guests. In our office, with 10 people, we are using the same subnet for internal data, voice, and guests. However, we are using 3 different SSIDs with different security policies and QoS policies applied to them. And, the guest SSID has an ACL applied to it to limit traffic to the Internet only. When you're given a /27 subnet to work with, you make do :)

jpeterson6 Wed, 05/27/2009 - 05:50

Thanks for the answers guys.

The fact I need an extra appliance sure makes sense now as to why I was having issues sorting through the WCS documentation to find information on this.

Thanks as well for the tip about having a separate SSID even though it's on the same VLAN as the others. It makes a lot of sense.

Actions

This Discussion

 

 

Trending Topics - Security & Network