"Jorabi" <(E-Mail Removed)> wrote in message
news:%h2Vd.34541$(E-Mail Removed)...
>
> "stephen" wrote ...
> >
> > "Emlynfluff" wrote ...
> >
> >> What about boring old WEP ?
> >> I know it's pants security - but it's just for casual internet
> >> access is it ?
> >
> > 1 question - do you need any security?
>
> I considered that. I am a consultant and this is my first WLAN at
> a business. I want my customer to feel secure (even though I have
> their office LAN separated from the WLAN).
another poster suggested limit the coverage - you can direct the radio
pattern to some extent, or turn down the power level on the AP.
some APs can run multiple virtual "lans" for lack of a better term - cisco
aironet 1100 or 1200s can support this. you can have different vlans with
different login and encryption setups using the same hardware (a default
type is "guest mode" which may be what you want).
note that if you do this then any "secure" wifi and the guest account are
only separated by VLAN - so you need to take some care about segregation of
traffic and security.
just be aware this isnt consumer cost equipment.
http://www.cisco.com/en/US/netsol/ns...ages_list.html
bunch of cisco docs about wifi
http://www.cisco.com/en/US/netsol/ns...ages_list.html
if 1100s are too steep, then i suggest you make this a separate wifi to any
internal system and just air gap it from the internal network - maybe even a
separate internet feed so you dont have to worry about bandwidth hogging.
>
> > it doesnt sound like you are charging for access - so why not
> > leave the feed open?
>
> And have passersby in cars using up the bandwidth? That's what the
> customer will be concerned about. Tell me more if I can do this
> without much risk.
if it doesnt go anywhere but to the internet then do you care?
the problem is that any sort of security needs administration and
complicates setup, and since you have a constant churn in your users you
need to balance cost of "lost" bandwidth to that sort of risk vs overhead
costs for admin.
>
> >> But if you change the WEP key every day, or how ever often a
> >> new group comes in, stick it on the white-board, whatever, for
> >> them to see.
> >
> > and then the meeting starts, it gets rubbed off, the users want
> > to set up their PCs to get mail in a lunch break......
> >
> >> Surely most clients will support WEP. If you stick WPA-PSK on
> >> there, half the clients won;t be able to connect ...
> >> Not sure you can do much to make changing the WEP key quicker
> >> on your devices though? Although when you get used to it,
> >> you'll end up doing it in a flash.
>
> It won't be me, since I'll be gone. The customer isn't very
> savvy but I guess they can be trained.
>
> >> Maybe if it was a Cisco Aironet you could do some scheduled
> >> script to upload a different config each day containing the
> >> new key.
>
> Not Cisco, but maybe I could write a script for Windows to
> automate most of the steps. Good sugg.
>
> > and be prepared to be asked by a %age of all the clients to
> > "assist" with the configuration if they even have to set up
> > the key.
>
> Yep. I'll have a handout, and hopefully one or two attendees
> will step into the techie role.
>
> Re my other questions on changing passwords: (a) should I use
> WEP 64 or 128? (b) should I use passphrase or hex? (c) is there
> any way to change the password on the router and automatcally
> have it change on the repeater? Thanx.
buy 802.11g equipment and run it in B/G mode for the widest compatibility.
if you change it every day then WEP 64 should be enough - you arent worrying
about security here, so much as making the system inconvenient for
unauthorised users to get at.
--
Regards
Stephen Hope - return address needs fewer xxs
Similar Threads
Linear Mode
