We have our access points broadcast two separate SSIDs - one for public
access and the other for faculty/staff access. The two SSIDs are on
separate networks - one on a 192.168.x.x network and the other on
10.x.x.x. The public "side" can only get to the Internet - filtered of
course - and the faculty/staff side can get to the Internet and our
internal network. We have separate VLANs for the two wireless
networks. Only a few of our WAPs have the public side.
When someone accesses the public side of the wireless they are greeting
with a message that includes a link to our AUP and a statement
indicating that if they use our public wireless then they are agreeing
to follow our AUP.
Kind of like what you see in a coffee shop or a hotel - but our Internet
access is filtered.
This is very new and not too many people know about it but it was in use
at our last home football game and it is working well so far.
Michael T. Bendorf wrote:
Now that my wireless is installed (last AP fired up this afternoon) I
have had requests for the password to get on.
I have not provided that to anyone, but rather explained that things
were not ready for public access yet...
All of my district owned equipment has the PSK and can connect as
though they are hard wired...but I wonder what other districts do for
public access. For instance I had a student from the neighboring
district want to get online here to do some homework before practice
(we co-op with this other school.) I really felt bad saying not yet -
but that is the truth of it.
We have an active directory and we push out browser proxy settings via
GPO. Everyone must firs sign our current AUP and then they
must authenticate with our CIPAFilter before egressing to the
Internet. I want to provide "the public" access to a filtered Internet
experience. I do not want visiting mobile devices to access anything
other than the public Internet. This seems pretty strightforward, but
something I have not set up before.
Even more than just the config of my HP ProCurve MSM APs/Controller my
real question is how do you address this from a policy point of view?
Do you have a separate document? Do you ask guests to sign something?
Click on something? Is it part of your general AUP? etc?.?.?.
--Michael T. Bendorf--
Technology Administrator
A-C Central C.U.S.D. #262
Google Voice: 217.408.0043
"I'm trying to teach myself to ask the same questions that you do
during your lectures so that I do not need you any more."
A good teacher is like a candle - it consumes itself to light the way
for others.
"The computer revolution hasn't started yet. Don't be misled by the
enormous flow of money into bad defacto standards for unsophisticated
buyers using poor adaptations of incomplete ideas."
- Alan Kay
------------------------------------------------------------------------
| Subscription info at http://www.tech-geeks.org |
| Subscription info at http://www.tech-geeks.org |
