Welcome to ISAserver.org
Forums |
Register |
Login |
My Profile |
Inbox |
RSS 
|
My Subscription |
My Forums |
Address Book |
Member List |
Search |
FAQ |
Ticket List |
Log Out
Wireless Access best practices
|
Users viewing this topic:
none
|
Logged in as: Guest
|
Login  | |
|
Wireless Access best practices - 6.Nov.2004 5:36:00 PM
|
|
|
jmunyan
Posts: 800
Joined: 3.Feb.2001
From: Seattle, WA
Status: offline
|
Hi, I am considering how best to accomidate wireless access on the 2004 platform into my environnment. I have been doing some digging around the site and have been unable to find a isa 2004 specific config or tutorial. Thus I wanted to ask the group for advise, or alternativly for a location of some doc for me to review.
That said my configuration is relativly simple. internal network>>FW>>>Router>>internet. The functionality I am looking for would allow anonymous users to use my connection if they wish. Also, I would like to provide a means of providing access to my internal network to authenticated users in a secure fashon. Thus when I connect, I will be able to traverse the firewall and connect fully into my internal network. Other anonymous users will be able to simply connect get a dhcp address and surf outward without access to my internal network.
It would seem there are a couple ways one could do this. 1. put the access point in between the router and fw, 2. create a dmz segment (3rd nic) and place the access point here.
Could someone provide comment about how this would best be accomplished? If there is some doc I am missing please point me to that as well.
Thanks,
John
|
|
|
|
RE: Wireless Access best practices - 7.Nov.2004 3:18:00 PM
|
|
|
tshinder
Posts: 47490
Joined: 10.Jan.2001
From: Texas
Status: online
|
Hi John,
What I do is put the WAP behind a trihomed DMZ segment. Configure the WAP as a DHCP server for the WLAN clients. Then use VPN for users on the WLAN to access the Internal network. Another way I've done it is to use the Firewall client to allow users access to the production network from the WLAN.
HTH,
Tom
|
|
|
|
|
RE: Wireless Access best practices - 7.Nov.2004 5:56:00 PM
|
|
|
jmunyan
Posts: 800
Joined: 3.Feb.2001
From: Seattle, WA
Status: offline
|
Thanks Tom, now the vpn component of this design, would you do it via pptp, or ipsec? Is there some documentation laying out what the best approach to adding the vpn component of this scenerio? I am a little rusty on the wireless component part, so whatever guidance you could give about the vpn component would be great. Is there some doc I could look at which would assist the configuration?
Thanks,
John
|
|
|
|
|
RE: Wireless Access best practices - 13.Nov.2004 9:15:00 PM
|
|
|
jmunyan
Posts: 800
Joined: 3.Feb.2001
From: Seattle, WA
Status: offline
|
Tom, could you comment on the best practice for integrating a wireless access point with ISA 2004. My current thought is that I would want to use pptp rather than ipsec. Is there any source of documentation on this, or will this be in your next book?
Thanks
John
|
|
|
|
 New Messages |
 No New Messages |
 Hot Topic w/ New Messages |
 Hot Topic w/o New Messages |
 Locked w/ New Messages |
 Locked w/o New Messages |
|
 Post New Thread
Reply to Message
Post New Poll
Submit Vote
Delete My Own Post
Delete My Own Thread
Rate Posts |
|
Printable Version
