Not yet, but we have one for remote access and that is what we may be deploying as I described in my last post to this string.
We currently have a Cisco 3030 configured to allow the IPSec and SSL access. We restrict the IPSec use to a terminal server (luckily we only needed 2 non-MS apps for remote use at this point) and 2 users have direct remote desktop connections to their desktops (not ideal but they had significant odd-ball application needs). The SSL does allow a little more but we will be tweaking that. The goal is to find the most consistent environment with the least management overhead. So with that said, SSL (whether for wireless or traditional remote access) will probably allow for a terminal server connection for primary apps this will allow authorized fac/staff to use any computers on the SSL whether on wireless or at home), and "application access" (Cisco speak) for any apps deemed highly valuable for direct connection from client stations (hopefully only for campus owned/configured machines but do not know how to control that yet). Make sense? _________________________ Thank you, Gregory R. Scholz Lead Network Engineer Information Technology Group Keene State College (603)358-2070 -----Original Message----- From: Flagg, Martin D. [mailto:[EMAIL PROTECTED] Sent: Friday, February 03, 2006 11:29 AM To: [email protected] Subject: Re: [WIRELESS-LAN] Wireless Newbie Anyone using SSL VPN for Wireless? Martin D. Flagg Network Engineer/Administrator Hiram College -----Original Message----- From: Cal Frye [mailto:[EMAIL PROTECTED] Sent: Friday, February 03, 2006 10:57 AM To: [email protected] Subject: Re: [WIRELESS-LAN] Wireless Newbie Jake, Same questions we had here. We were early into wireless, back when 40-bit WEP offered so little in exchange for the pain, we implemented wireless wide-open. Back then we used a netreg system to obtain userIDs to go with MAC addresses, since then we've installed Clean Access for the same purpose and remediation besides. We saw no special need to treat wired and wireless customers separately -- everyone uses CCA. For encryption security, we have the same questions. We need it for our wireless users, and we could use it for our off-campus folks, not to mention abandoning our proxy server used to provide access to third-party databases based on having an Oberlin IP address. Sounds like a VPN would answer all three of these questions. We're rolling it out sometime this semester. Good luck. --Cal Frye, Network Administrator, Oberlin College www.calfrye.com, www.pitalabs.com, www.ouuf.org "I was educated once, and it took me years to get over it." -- Ashleigh Brilliant (c) 1981. Barros, Jacob wrote: > I am having trouble making two technology concepts mesh. We are > looking at implementing Bradford Campus Manager and at the same time considering > Aruba... speaking of encryption. So my question is two fold... Do > those of you that are using a solution like Aruba's or Bluesocket's > have a Campus Manager, Clean Access solution or SafeConnect solution? > If so, is there really a point in requiring authentication for wireless? > > Jake Barros > Grace College ********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
