Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Wireless access for visitors

Can someone suggest the best way to set up wireless access for visitor’s (non company employees) internet access only. We would like to secure the access point so only permitted visitors could attach to the AP with the least administrative effort.

I was thinking two access points. One using PEAP or LEAP to authenticate our employees. The other for the visitors. We could use access lists to permit only web traffic but I am not sure about the security set up for this situation. Something that is not a lot of administrative effort but secure. Is there such a solution?

How does McDonalds do it?

Thanks

PL

6 REPLIES
New Member

Re: Wireless access for visitors

You could use only one AP if they are Aironet APs. A simple solution would be to create two VLANs, one for employees, that uses PEAP or LEAP, and a guest VLAN, that is open. Create a ACL (Access Control List) on your switch/routers that the AP is connected to that only permits the guest VLAN to point towards your internet gateway. Here is a link on how to set up multiple VLANs:

http://www.cisco.com/univercd/cc/td/doc/product/wireless/airo_350/accsspts/ap350scg/ap350ch4.htm

New Member

Re: Wireless access for visitors

Thanks,

That much I understand.

I was trying to avoid just any visitor connecting or strangers nearby connecting and using my internet bandwidth.

Any way around this problem?

Thanks

PL

Re: Wireless access for visitors

I would still do what c.tenly suggested but you could also put a MAC filter on the AP. Only cards that are on your list can pass traffic. True you have to get the MAC address from the visitor and put it on the list but I don't see any other way to accomplish what you want.

New Member

Re: Wireless access for visitors

Thats what I thougt. I wanted to post it to get some feedback.

I am curious how McDonalds is going to set this up.

I read that they are going to be selling 1 hour access times for $3.

Are they going to input each mac address?

PL

See link below:

http://www.mcdonalds.com/countries/usa/whatsnew/pressrelease/2003/03112003/index.html

Re: Wireless access for visitors

No. What I hear is that they will be using some form of username/password authentication. No Mac filter. You pay your money and they give you a reciept with the info.

Re: Wireless access for visitors

I think they use BBSM, so you also could use a BBSM for your Problem:

http://www.cisco.com/en/US/products/sw/netmgtsw/ps533/ps3987/index.html

bernhard

250
Views
0
Helpful
6
Replies