I have 4 Aironet 1240AG in 3 different geographical locations with 2 SSID.
I have 1 SSID that is not broadcast setup with WPA2/TKIP for internal users (Internal). This gives access to internal resources as well as filters all internet items through our websense applicance, IP are given from the locations main DHCP server.
1 have 1 SSID that our event clients utilize (Guest). This is an open network so when we have events (can have up to 100+ visitors) the attendes have a way to utilize the internet to access their VPN, Webmail, etc. This is on a segregated VLAN with no internal access and direct unfiltered internet access.
I manually configure the company laptops to use the hidden wireless with the passkey, so it is not public knowledge. We have strict policies in place on data removal from the company and I have found a potential "hole" due to the guest wireless. I do not want the laptop users to be able to join onto the Open WiFi even by accident. It is set to auto connect to internal, but since these are travelers they know how to use the wireless and could conceivably download a file using the internal network, then switch to the open network and send the file using a webmail.
My thinking was that I could set the Open network to reject specific MAC addresses, but I wasn't able to find a way right off to do this for specific SSID in the Aironet 1240AG GUI. Please let me know if this is a viable idea to ensure that company laptops only stay on the internal company network, but allow the laptop users to still manipulate their local wireless client when traveling.
Transferring Crash file from standby:
Login to the Active WLC in HA.
(Cisco Controller) >transfer upload datatype crash
(Cisco Controller) >transfer upload filename <Desired filename>
(Cisco Controller) >transfer up...
This is the start of a display filter cross reference between Wireshark and OmniPeek.
The 1st installment is a table of advanced filters. More filters will be added as time allows.
It is a living doc, so check back for changes every so often
Please feel ...
I have created a Powershell script to automatically add a Wireless Guest User on Cisco WLCs. (tested on 2500 Series)
The script should be completely self explanatory.
Powershell SNMP Module (Install-Module -Name SNMP)
SNMP Write Access to...