Firewall Wizards mailing list archives
RE: Locking down public wireless access
From: "Smith, Aaron" <SmithA () byui edu>
Date: Tue, 22 Feb 2005 11:59:58 -0700
We've used a gateway appliance from Bluesocket.com to provide a similar setup. The authentication is web-based using https. It ties into our backend directory and provides different access based on who the user is. Bluesocket can also require that you make a VPN tunnel to get access, but we didn't like that idea. We don't encrypt anything because we didn't feel that protecting the data was worth the time it would take to manage it (do you need to encrypt Bobby's email to Suzy saying, "Can I borrow your notes from biology class?"). Application layer crypto is good enough to protect registration and personal data. When employees start using it, we will start encrypting it at the network layer. If you want to use the WRT54G, check out www.sveasoft.com for some custom firmware. They have releases that may do what you're looking for. Good luck, @@ron Smith -----Original Message----- From: firewall-wizards-admin () honor icsalabs com [mailto:firewall-wizards-admin () honor icsalabs com] On Behalf Of Chris Bills Sent: Saturday, February 19, 2005 11:31 AM To: firewall-wizards () honor icsalabs com Subject: [fw-wiz] Locking down public wireless access At my university, the computer science department would like to offer wireless access to computer science students, but would like the access to not be anonymous. Current problems with unrestricted access to the internet are obvious, anonymous kids downloading porn, movies, mp3s, etc, and as the university allowed this to happen, they could be held liable. enforcing a logon policy would help limit the university's liability in said situations. ideally, we would like to implement a system in which the user will connect to un-encrypted wireless, but any attempts to get out will be redirected to the authentication page. Once the user logs in, they will be given the WEP key of the day, and then they will have unrestricted access. I'm investigating the usage of Linksys WRT45G routers, with a modified firmware, but I have no actual experience with this. I would like to look into other methods of doing this, as well, such as Perfigo (which has now been acquired by Cisco)... If you have any suggestions for hardware, or existing documentation floating on the net about how to achieve this sort of setup, please let me know. Chris _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Locking down public wireless access Chris Bills (Feb 22)
- Re: Locking down public wireless access ArkanoiD (Feb 22)
- Re: Locking down public wireless access Jim Seymour (Feb 22)
- Re: Locking down public wireless access Kevin Sheldrake (Feb 22)
- Re: Locking down public wireless access Paul D. Robertson (Feb 22)
- RE: Locking down public wireless access Mark Gumennik (Feb 22)
- RE: Locking down public wireless access John Adams (Feb 22)
- Re: Locking down public wireless access Dale W. Carder (Feb 23)
- Re: Locking down public wireless access David Lang (Feb 24)
- <Possible follow-ups>
- RE: Locking down public wireless access Smith, Aaron (Feb 22)