Thomas SmallwoodMemberOct 15, 2014 at 9:42 pm #164411
I have a client (local Church) that asked if I could install a campus wide Open WIFI for their members, and they didn’t want the clients to be attached or able to back track into the churches network/server. They have a SBS 2008 server which houses financial data and other sensitive materials. So I made a separate network on their Watchguard firewall hooked it to a Untangle web-filter and then to a POE switch which connects to all Access points throughout their campus. On the Untangle box we run a captive portal with a custom log in. All was running perfect and their clients are happy, but the staff started to bring in iPads, laptops, multi media devices and started connecting to the free WIFI and trying to connect to their data and finical software on the server which is split from the church network. Well I was asked by several high up officials why cant we connect and after all of this money has been spent we cant use it for church use.
Both networks are running DHCP and are on different switches.
My question to you guys, is their a way to make an extra SSID on the Enginus EAP300 access points (11 of them) and have that SSID send traffic to the church network without having 2 DHCP servers interfering with each other, or having guests that can ip-scan and find the server compromising the network security. I feel as soon as a network cable is connected to both switches both DHCP servers will start causing all shades of issues.
We have a layer 1 (smart switch) Netgear POE switch on the free WIFI network and a layer 1 switch on the Church network.
Is my best option to just tell them no way to make it work, with out installing a separate wireless network. They are on a very tight budget.
Please don’t say use a VPN or use local static IPs and turn off DHCP it would be a nightmare to administer, so many different devices and all kinds of different levels of user frustration to deal with.
You must be logged in to reply to this topic.