"Thomas Krüger" <(E-Mail Removed)> wrote in message
news:dnber6$9bn$02$(E-Mail Removed)...
> (E-Mail Removed) wrote:
> > Now if I have 1-2 access points connected to a switch on every floor to
> > provide access to wireless users (who are supposed to have restricted
> > access as they are part of the VLAN too), then what would happen if any
> > of these wireless users go from one floor to the other? Will they get
> > access to another VLAN by just doing a physical walk through?
if you want a user to be able to roam between APs then they generally need
to be part of the same IP subnet.
the easiest way if you have such an infrastructure is to define a new VLAN
which is just for wireless across the set of switches where you need to
connect APs - it should really be dedicated to wireless devices.
you imply that the wireless subnet is restricted in some way - if so, you
should isolate the subnet from the rest of the network (ie. not make it
"just another subnet" on the central switch) and connect by your favorite
tools - traffic filters, VLAN server, proxy, firewall or whatever.
Dont forget to secure the management access to the APs as well.
>
> The wireless users will be in the same VLAN as the Access Point.
> There are also access points that can broadcast multiple SSIDs and put the
> user into different VLANs on SSID basis. I know Funkwerk is building such
> APs.
the cisco range of APs support multiple SSIDs at the same time, with
different parameters such as WEP / WPA settings per SSID, and connecting
each SSID back to a separate 802.1Q VLAN - this allows you to have an
internal wireless network with "guest" access for example over the same
wireless infrastructure.
just be aware these things cost more money and need more care and attention
to set them up.
>
> Thomas
--
Regards
(E-Mail Removed) - replace xyz with ntl
Similar Threads
Linear Mode
