On Fri, 5 Apr 2013, Brian Gold wrote:
We've been using Cisco WCS controllers and APs here at $employer, but for a smaller scale I've been very happy with Ubiquity APs and controllers. I would HIGHLY recommend setting up radius authentication if you have a centralized ldap system (Active Directory, OpenLDAP, etc).
I would actually go the opposite direction.Your Wifi is an untrusted network that can be sniffed and attacked by anyone in the area. So don't let it connect directly to your internal network.
Consider it a guest network, just like a hotel network, and have all your users connect to your company resources through a VPN, just like they would from home or a hotel.
Then you can consider if you want to have the network locked down so that it can only be used for VPN traffic, or if you really do want it to be a guest network, able to reach the Intenet (for at least some things)
David Lang
_______________________________________________ Tech mailing list [email protected] https://lists.lopsa.org/cgi-bin/mailman/listinfo/tech This list provided by the League of Professional System Administrators http://lopsa.org/
_______________________________________________ Tech mailing list [email protected] https://lists.lopsa.org/cgi-bin/mailman/listinfo/tech This list provided by the League of Professional System Administrators http://lopsa.org/
