Wireless Access Point which can limit access to a server

Discussion in 'Wireless Networking' started by adamgilldo@hotmail.com, Oct 11, 2007.

  1. Guest

    I've been asked to research a wireless access point that can limit
    access to a server. Does such a thing even exist? If so, any
    suggestions on decent ones? Or would it be easier to purchase a WAP
    and a firewall?

    Thanks.
     
    , Oct 11, 2007
    #1
    1. Advertising

  2. I am not sure I understand the question. Assuming you want wireless users
    access the Internet only not the LAN, you may setup a VLAN. A good example
    is Cisco 1200 AP.

    --
    Bob Lin, MS-MVP, MCSE & CNE
    Networking, Internet, Routing, VPN Troubleshooting on
    http://www.ChicagoTech.net
    How to Setup Windows, Network, VPN & Remote Access on
    http://www.HowToNetworking.com


    <> wrote in message
    news:...
    > I've been asked to research a wireless access point that can limit
    > access to a server. Does such a thing even exist? If so, any
    > suggestions on decent ones? Or would it be easier to purchase a WAP
    > and a firewall?
    >
    > Thanks.
    >
     
    Robert L \(MS-MVP\), Oct 11, 2007
    #2
    1. Advertising

  3. <> wrote in message
    news:...
    > I've been asked to research a wireless access point that can limit
    > access to a server. Does such a thing even exist?


    Doubtfull

    > suggestions on decent ones? Or would it be easier to purchase a WAP
    > and a firewall?


    No.
    Firewalls are designed to sit at the edge of a LAN where it meets the
    internet,..they are not designed to sit in the middle of the LAN between
    Hosts. Besides that you shouldn't even be looking at Layer3 & 4 for a
    solution to this anyway.

    You're taking the wrong approach,...and probably so is the person asking you
    to do this. The security of the Server comes from the Server itself. You
    don't access "Servers",...you access *Resources* that are on Servers. The
    access to the Resources (whatever that might be) is controlled by the
    Server's file system permissions or the Application on the server that makes
    the resources available.

    File Access is controlled by NTFS permissions
    Web site access is controlled by IIS and NTFS permissions
    FTP site access is controlled by IIS and NTFS permissions also
    Database access is controlled by the Database Engine and the Application
    that makes use of the Data.

    ........it ain't about "firewalls" and blocking network traffic.....

    Now, with that said, you can setup a "guest" network by creating a "hot
    spot" that lives on its own subnet. Access is controlled by the LAN Router
    (not a firewall) and you would use ACLs on the LAN Router to cut off the
    Guest segment from the rest of the LAN except for allowing HTTP, HTTPS, FTP
    to the Firewall Device,...or you could just allow anything to go as long as
    it only goes from the Client throught the LAN Router to the Firewall and out
    to the Net. But this is *not* the way you would handle your own users.

    When I setup a Guest segment here it is completely out on the Public side of
    the LAN outside the Firewall and uses it's own separate [and cheap] firewall
    to give the guest some protection and to prevent them from eating up my
    public addresses.

    --
    Phillip Windell
    www.wandtv.com

    The views expressed, are my own and not those of my employer, or Microsoft,
    or anyone else associated with me, including my cats.
    -----------------------------------------------------
     
    Phillip Windell, Oct 11, 2007
    #3
  4. Hi
    For regular Access Point you need to install a RADIUS Server.
    RADIUS is sitting on the general server and can be configure to control the
    Wireless log on to the Network.
    Microsoft rendition of RADIUS,
    http://www.microsoft.com/technet/community/chats/trans/isa/isa0316.mspx
    In General, http://www.wi-fiplanet.com/news/article.php/3089211
    There are also Access Point that have a form of logon in hardware look for
    it on www.cisco.com
    You have to research both options and decide which one is better for your
    specific needs.
    Jack (MVP-Networking).


    <> wrote in message
    news:...
    > I've been asked to research a wireless access point that can limit
    > access to a server. Does such a thing even exist? If so, any
    > suggestions on decent ones? Or would it be easier to purchase a WAP
    > and a firewall?
    >
    > Thanks.
    >
     
    Jack \(MVP-Networking\)., Oct 12, 2007
    #4
  5. Guest

    On 12 Oct, 00:08, "Jack \(MVP-Networking\)."
    <> wrote:
    > Hi
    > For regular Access Point you need to install a RADIUS Server.
    > RADIUS is sitting on the general server and can be configure to control the
    > Wireless log on to the Network.
    > Microsoft rendition of RADIUS,http://www.microsoft.com/technet/community/chats/trans/isa/isa0316.mspx
    > In General,http://www.wi-fiplanet.com/news/article.php/3089211
    > There are also Access Point that have a form of logon in hardware look for
    > it onwww.cisco.com
    > You have to research both options and decide which one is better for your
    > specific needs.
    > Jack (MVP-Networking).
    >
    > <> wrote in message
    >
    > news:...
    >
    >
    >
    > > I've been asked to research a wireless access point that can limit
    > > access to a server. Does such a thing even exist? If so, any
    > > suggestions on decent ones? Or would it be easier to purchase a WAP
    > > and a firewall?

    >
    > > Thanks.- Hide quoted text -

    >
    > - Show quoted text -


    Thanks for your ideas guys, much appreciated. That's made things a lot
    clearer. Sorry I wasn't clear, the key thing he wants is wireless
    users to be able to access files on a server and be able to print, but
    nothing else. I'll put the ideas to my boss and see what he says.
     
    , Oct 12, 2007
    #5
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. artc
    Replies:
    0
    Views:
    574
  2. David Sudjiman
    Replies:
    0
    Views:
    1,117
    David Sudjiman
    Jun 8, 2006
  3. anthony crowder
    Replies:
    20
    Views:
    2,859
    hhtest
    Jan 16, 2007
  4. Nate Goulet
    Replies:
    9
    Views:
    1,249
    Nate Goulet
    Dec 7, 2007
  5. Spin
    Replies:
    9
    Views:
    1,754
Loading...

Share This Page