We recently went the other way. Primarily because while firewalling off
things like AD and fileservers worked, the client behavior if they also
can't look up the name is improved. The simplest solution to give the guest
network an "outside" view of DNS was just to point them outside. Our
existing
We’re using OpenDNS, but with their add-on Umbrella protection product. It
provides great visibility (audit trails) and protection against threats (bad
sites, malware, command and control) without the need to put an agent on the
guest device. If so inclined, it also provides “net nanny”
Wireless Issues Constituent Group Listserv
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Kanan E Simpson
Sent: Tuesday, September 16, 2014 11:17 AM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] guest wireless
Interesting discussion and implementations! We
From: The EDUCAUSE Wireless Issues Constituent Group Listserv
[WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] on behalf of Lee H Badman
[lhbad...@syr.edu]
Sent: Friday, September 12, 2014 11:33 AM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] guest wireless
Neil
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Johnson, Neil M
Sent: Tuesday, September 16, 2014 11:59 AM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] guest wireless
We consider not having to deal with CALEA / DMCA on our guest network worth the
cost.
Note: we provide attwifi
I believe it was mostly to discourage our residential neighbors from using us
for free Internet rather than getting their own ISP. I think CALEA compliance
might've been part of it as well. We do have a method for providing longer
access if required.
--
Heath Barnhart
ITS Network
We have an open guest network, however, you do have to register with a name,
email, and phone number. Guests have 3 days of access followed by a 3 day
exclusion period were the device is not allowed on the network. Access is
restricted to HTTP, HTTPS, SMTP/POP, SSH, and most VPN. We don't
That's interesting Heath. What's the reasoning behind the exclusion period?
On Fri, Sep 12, 2014 at 9:42 AM, Heath Barnhart heath.barnh...@washburn.edu
wrote:
We have an open guest network, however, you do have to register with a
name, email, and phone number. Guests have 3 days of access
On Tue Sep 09 2014 10:40:33 CDT, Mark Reboli mreb...@misericordia.edu wrote:
I am looking for information on what people do with guest wireless. Do you
have open wireless on your campus? Do you have a password that everyone
knows? Do you create special passwords for groups? Any
I will admit to having a completely open guest network. We don't even
require a terms of service click-through, and it's not encrypted. We do
have some strict throttling for file sharing/p2p traffic, and I have some
decent auditing capabilities, so I can track down violations and restrict
them
@LISTSERV.EDUCAUSE.EDU] On Behalf Of Heath Barnhart
Sent: Friday, September 12, 2014 7:43 AM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] guest wireless
We have an open guest network, however, you do have to register with a name,
email, and phone number. Guests have 3 days
: Re: [WIRELESS-LAN] guest wireless
I will admit to having a completely open guest network. We don't even require a
terms of service click-through, and it's not encrypted. We do have some strict
throttling for file sharing/p2p traffic, and I have some decent auditing
capabilities, so I can track
-0938
From: The EDUCAUSE Wireless Issues Constituent Group Listserv
[WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] on behalf of Coehoorn, Joel
[jcoeho...@york.edu]
Sent: Friday, September 12, 2014 9:13 AM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN
@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] guest wireless
We contracted with ATT to handle guests and visitors.
We advertise their SSID (attwifi) on our wireless infrastructure and then
hand the traffic off to them via boxes called Network Management Devices (NMD)
that they provide
We have a couple of different ways we accommodate guests.
First, we have a contract with ATT to provide our guest/visitor
network. We advertise an attwifi SSID on all our AP's (minus a couple
of specific locations), and that network gets dropped off on an ATT
circuit. The attwifi network is
Thus spake Mark Reboli (mreb...@misericordia.edu) on Tue, Sep 09, 2014 at
03:40:33PM +:
I am looking for information on what people do with guest wireless. Do you
have open wireless on your campus? Do you have a password that everyone
knows? Do you create special passwords for groups?
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] guest wireless
Thus spake Mark Reboli (mreb...@misericordia.edu) on Tue, Sep 09, 2014 at
03:40:33PM +:
I am looking for information on what people do with guest wireless. Do you
have open wireless on your campus? Do you have
Subject: Re: [WIRELESS-LAN] guest wireless
Thus spake Mark Reboli (mreb...@misericordia.edu) on Tue, Sep 09, 2014 at
03:40:33PM +:
I am looking for information on what people do with guest wireless. Do you
have open wireless on your campus? Do you have a password that everyone
Mark,
We have 3 campus wide broadcast SSID's. Rice Owls (802.1X for campus
users), eduroam (802.1X for any participating institution) and Rice Visitor
(open SSID with a captive portal with splash page for Acceptable Use
Policy). The Rice Owls and eduroam will put our local users into their
Our general policies are posted here:
http://www.wpi.edu/Academics/CCC/Netops/Wireless/Guest/
We avoid doing completely open wifi, as we have decided not to become a
hotspot for any neighbors or people wandering by. To handle the request
volume and keep the turnaround time low, we have a
In certain buildings, we allow guest users to create a temporary account
(using an email address as the login ID) that expires in 24 hours
They do not have access to any of our internal sites, just Internet,
While they are given access immediately, we timeout any idle connections
after 10
Wireless Issues Constituent Group Listserv
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Frank Sweetser
Sent: Tuesday, September 09, 2014 10:51 AM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] guest wireless
Our general policies are posted here:
https
56217
d...@uoguelph.ca
www.uoguelph.ca/ccs
- Original Message -
From: Bradley Williams bwil...@clemson.edu
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Sent: Tuesday, September 9, 2014 12:05:27 PM
Subject: Re: [WIRELESS-LAN] guest wireless
We have an webauth ssid that redirects to a server
We do the same thing for the most part.
Heath
On 7/2/2010 8:09 AM, Daniel Eklund wrote:
We provide free guest access, but not open access. Guests must be
vouched for by a faculty or staff member and that person takes
responsibility for the actions of the guest while they use the
network.
-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Guest Wireless Questions
We do the same thing for the most part.
Heath
On 7/2/2010 8:09 AM, Daniel Eklund wrote:
We provide free guest access, but not open access. Guests must be vouched for
by a faculty or staff member and that person
We're using the Cisco Guest NAC Server to provide sponsored guest access
and it's worked fine for us. It ships as an appliance.
http://www.cisco.com/en/US/products/ps10160/index.html
Dave
On 7/6/10 3:48 PM, Christian Heroux wrote:
Hello,
Mcgill University here in Montreal has a
-Original Message-
From: Armstrong, Geoff geoff...@exchange.ubc.ca
Sent: Friday, July 02, 2010 12:18 PM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Guest Wireless Questions
Hi Tom,
We have an open unauthenticated SSID called ubcvisitor. Upon connecting
We provide free guest access, but not open access. Guests must be vouched for
by a faculty or staff member and that person takes responsibility for the
actions of the guest while they use the network. We have a simple online
process that the faculty or staff member uses to create a temporary ID
Hi Tom,
As we are a public institution, we feel it's desirable to provide a level of
public network access.
We have been trialing such an (unfunded) service for while now using
existing equipment/resources.
A Cisco shop, campus controllers have the open SSID tied to a mobility
tunnel
-...@listserv.educause.edu] On Behalf Of Daniel Eklund
Sent: Friday, July 02, 2010 6:10 AM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Guest Wireless Questions
We provide free guest access, but not open access. Guests must be vouched for
by a faculty or staff member and that person takes
@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Guest Wireless Questions
We provide free guest access, but not open access. Guests must be vouched for
by a faculty or staff member and that person takes responsibility for the
actions of the guest while they use the network. We have a simple online
: The EDUCAUSE Wireless Issues Constituent Group Listserv
[mailto:wireless-...@listserv.educause.edu] On Behalf Of Daniel Eklund
Sent: Friday, July 02, 2010 6:10 AM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Guest Wireless Questions
We provide free guest access, but not open
@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Guest Wireless Questions
Out of curiosity regarding CALEA, do you need to provide law enforcement with a
way to view where a user goes on your network while using wireless? Or do you
just need to provide login details? I know that for telephony that you
At least not intentionally. : )
Peter Morrissey
From: The EDUCAUSE Wireless Issues Constituent Group Listserv
[mailto:wireless-...@listserv.educause.edu] On Behalf Of Daniel Eklund
Sent: Friday, July 02, 2010 9:47 AM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Guest
, 2010 9:23 AM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Guest Wireless Questions
Out of curiosity regarding CALEA, do you need to provide law enforcement with a
way to view where a user goes on your network while using wireless? Or do you
just need to provide login
@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Guest Wireless Questions
Sorry it is the Communications Assistance for Law Enforcement Act.
tn
From: The EDUCAUSE Wireless Issues Constituent Group Listserv
[mailto:wireless-...@listserv.educause.edu] On Behalf Of Peter P Morrissey
Sent: Friday, July 02, 2010 12:08
] On Behalf Of Neiss, Tom
Sent: Friday, July 02, 2010 9:12 AM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Guest Wireless Questions
Sorry it is the Communications Assistance for Law Enforcement Act.
tn
From: The EDUCAUSE Wireless Issues Constituent Group Listserv
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Randall C Grimshaw wrote:
In addition to our 802.1x network, we provide an open network
SSID guarded by a captive portal gateway. Any member of the
campus community can sponsor a guest account on the captive
portal. This resource has limited ports
We use an open SSID with the Aruba captive portal. Guests are on a VLAN
that terminates on the firewall and that VLAN only allows internet
access. Our group creates the user accounts but I believe there is a
guest provisioning account you can set up and give to another group or
individual and they
It is a home grown system.
-Original Message-
From: The EDUCAUSE Wireless Issues Constituent Group Listserv
[mailto:wireless-...@listserv.educause.edu] On Behalf Of Tupker, Mike
Sent: Thursday, July 16, 2009 9:21 PM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Guest
In addition to our 802.1x network, we provide an open network SSID guarded by a
captive portal gateway. Any member of the campus community can sponsor a guest
account on the captive portal. This resource has limited ports and bandwidth.
Randy
From: The
Of Randall C Grimshaw
Sent: Thursday, July 16, 2009 8:13 PM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Guest Wireless Access
In addition to our 802.1x network, we provide an open network SSID guarded by a
captive portal gateway. Any member of the campus community can sponsor
Hi John,
We have a self-service web site where faculty and staff can sponsor guests.
We collect the name of the sponsor, dates of the visit, the guest's name and
local contact info (phone). The contact info is collected in case we see
that the guest's laptop is compromised. We do not retain
Here at Ryerson University we have GUEST SSID with captive portal along with a
username/password which changes daily and is available to faculty/staff from
our helpdesk.
Special GUEST accounts can also be created to be valid for days or weeks if
need be.
Those accounts are then limited to web
44 matches
Mail list logo
