Deny Access to visitors

Unanswered Question
May 25th, 2009

Hi Everyone,

daily i've atleast 9-10 visitors in my office and out of them mostly asks for internet connectivity, so i gives them wi-fi connectivity but the problem is once they are connected to network (if someone is too talented) they can access my private network and any data on the server.

so i need to prevent these things

please help me on this

the devices at my end

Cisco 24 Port Manageable Switch

Cisco 1800 Series Router

Cisco 506e Firewall

thanks in advance

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Farrukh Haroon Tue, 05/26/2009 - 06:14

What is your network topology like?

You can place wireless users in a separate VLAN and only allow the required protocols. Or deny access to your local network and permit everything else.

Regards

Farrukh

sagarshaha Tue, 05/26/2009 - 23:26

hi farrukh,

thanks for your response

we have a simple network right now.....everyone can access everything...i'm fine with that but if some visitors come and i dont want them to enter in my private network,right?

i do have 4 wireless AP but the thing is our users are also using the same and the coming visitors sometime needs wireless or wired anything they preferred

if it is possible let me know how can we deny this thing

thanks

Farrukh Haroon Tue, 05/26/2009 - 23:35

You can make two SSIDs one your APs. One for regular users and one for the guests. Assign different IP Pools to them (based on the VLAN). And then apply filtering to the guest users.

The wireless for the regular users should employ the appropriate security features like WPA2, PEAP etc.

Regards

Farrukh

sagarshaha Wed, 05/27/2009 - 20:33

can you please explain the steps to deploy in detail...as i'm newbie in this.

secondly, if i'll make for wireless and then for wired? because some visitors may use wired connection also

thanks

Farrukh Haroon Wed, 05/27/2009 - 23:45

You can use the same vlan for WIRED and WIRELESS guests. Thats not a problem.

I need more details about your network? Which vendor's APs, switches etc.

Regards

Farrukh

Actions

This Discussion