Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Bringing wireless to a Campus

I am wanting to add wireless to our campus, but I also want to protect our wired network. The powers that be also want a single login for our clients (students with differant types of wireless cards).

I am looking at using the 1200 series APs

Could I add an port to my firewall and put the APs on a seperate vlan and treat the APs as an untrusted network?

Also could I use a RADIUS server to authenticate the wireless users with active directory accounts from another server?

1 ACCEPTED SOLUTION

Accepted Solutions
New Member

Re: Bringing wireless to a Campus

Radius proxy will give you single sign-on.

If you put all of the APs in a subnet separated from your wired network by a firewall (you can use trunking between switches to avoid pulling a whole new cable plant) you can achieve what you are after.

Alternately, you can use a multi-layered security approach to protect APs directly on the wired subnet. A VPN on top of WEP and a MAC Address filter would protect you well.

Matthew Wheeler

Chief Wireless Architect

Blue Modal, Inc

www.bluemodal.com

1 REPLY
New Member

Re: Bringing wireless to a Campus

Radius proxy will give you single sign-on.

If you put all of the APs in a subnet separated from your wired network by a firewall (you can use trunking between switches to avoid pulling a whole new cable plant) you can achieve what you are after.

Alternately, you can use a multi-layered security approach to protect APs directly on the wired subnet. A VPN on top of WEP and a MAC Address filter would protect you well.

Matthew Wheeler

Chief Wireless Architect

Blue Modal, Inc

www.bluemodal.com

141
Views
0
Helpful
1
Replies
CreatePlease login to create content