Re: Wireless Access and VLANs
- From: Trendkill <jpmason@xxxxxxxxx>
- Date: Thu, 27 Sep 2007 14:11:13 -0000
On Sep 27, 9:56 am, "Steve Ray" <nocha...@xxxxxxx> wrote:
Guys
We have an issue with our wireless network I'd like to try and discuss and
learn a bit more about please.
Our staff are allowed wireless access to the network via MAC authentication
onto VLAN 1
We need to allow students wireless access onto the VLAN 2 (our student
network)
I could go down the route of buying more AP's and placing these in VLAN 2
and setting MAC authentication as per our VLAN 1 model. At this point I'm
not interested in the merits of MAC sniffing but just as a crude way of
allowing/disallowing access to the LAN's
Is there any way of creating a new VLAN, placing the AP's into this VLAN,
(call it VLAN 3 for arguements sake) and then setting some kind of
redirection on the AP to say that if the user account resides on the staff
network give them an IP address from VLAN 1 and if the user accout resides
in VLAN 2 give them an IP address for VLAN 2.
I presume there will need to be some kind of back end
authentication/server/service to figure out where the user accounts lives
Hope this makes sense
Steve
802.1X is what you are looking for I believe. It allows user based
authentication and the assignment of specific network attributes to
those users based on machine, account, etc, including vlan
assignments. Could be other easier ways, but none immediately come to
mind.
http://www.cisco.com/en/US/products/ps6662/products_ios_protocol_option_home.html
.
- References:
- Wireless Access and VLANs
- From: Steve Ray
- Wireless Access and VLANs
- Prev by Date: Wireless Access and VLANs
- Next by Date: Re: Need help controlling access between vlans
- Previous by thread: Wireless Access and VLANs
- Index(es):
Relevant Pages
|
