Thanks, David- are you using the NAC gateway for other functions as well? And what version of code are you on for wireless? Last question- does the web auth cause any issues for your controllers (I know has been an issue on some versions and in some configurations)?
-Lee Lee H. Badman Wireless/Network Engineer Information Technology and Services Syracuse University 315 443-3003 -----Original Message----- From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:[email protected]] On Behalf Of LaPorte, David Sent: Tuesday, September 29, 2009 12:13 PM To: [email protected] Subject: Re: [WIRELESS-LAN] Guest Portal - revisited We're deployed Cisco NAC Guest Server to provide sponsored guest access. That, in combination with the built-in webauth functionality in the Cisco WLC (if you're a Cisco shop), should be able to provide much of what you need. We're doing very similar things here. Dave Lee H Badman wrote: > We have a wireless guest portal (homegrown) that has been satisfactory, > but we want to move into another solution for several reasons that I > won't bore you with. > > > > I'm familiar with Bluesocket (actively talking with them) and know that > Colubris used to compete with them in the gateway space. HP now owns > Colubris, and a request for more info went unanswered. So- wondering if > anyone knows of a commercial solution that competes with Bluesocket. > > > > We're looking for this sort of functionality: > > > > Single guest SSID- all functions come from easy-to-use portal. Single IP > space/VLAN for all guest groups. Scale to 1500 accounts/500 simultaneous > users. Possible failover pair setup. > > > > 1. SU NetID Holders > 1. Ideally, OS could be identified. If Windows or Mac, users > forwarded on to a page that tells them to (and how) to use > the secure network > 2. Non-Windows/MAC NetID Holders get on with generous > throughput and minimal restrictions (compared to other > guest-path users) > > > > 2. Sponsored Guests- Sponsored by SU NetID Holder > 1. Everyone in our AD with a regular account (staff, faculty, > students) can sponsor a guest- gateway verifies sponsor is > in AD > 2. Guest logins limited to some period of time yet to be defined > 3. Guest credentials may get sent (SMS text) to guest cell > phone number or forwarded directly by sponsor > 4. Different set of protocols - must allow VPN > 5. Easy batch creation of accounts for the likes of conferences > > > > 3. Self-sponsored Guests- provision their own > 1. Accounts will be limited to 4 hours (or something), then > can't be reactivated for say 12 hours (or some other > time-related constraint) > 2. Requires valid cell phone number, as that is where gateway > will text the credentials > 3. More tightly limited in bandwidth and throughput > 4. Limited number of accounts per month. > > > > Not looking to build our own any more- off the shelf is desired in this > case. Welcome to any input on solutions beyond Bluesocket. > > > > Please don't consider this a hit against Bluesocket- we have not > discounted them, just looking for what else is out there that I am not > aware of. > > > > And please- no off-topic sales calls. > > > > Thanks- > > > > Lee > > > > > > **Lee H. Badman** > > Wireless/Network Engineer > > Information Technology and Services > > Syracuse University > > 315 443-3003 > > > > ********** Participation and subscription information for this EDUCAUSE > Constituent Group discussion list can be found at > http://www.educause.edu/groups/. > ********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
