Wireless Access to clients and guests using the same Access Points (Full Version)

All Forums >> [ISA 2006 General] >> Installation and Planning



Message


marcoscosta -> Wireless Access to clients and guests using the same Access Points (24.Aug.2009 7:10:56 AM)

In the company that i work, they're want to give access for guests (costumers, etc). I make this configuration.
Domain Controller giving DHCP for guests network.
Isa server configured for relay agent in the interface guest.
Automatic discovery is configured in guest interface.
The access rule is configured for a group of my AD.
It's working great, but have one big problem.
My boss want to give internal access to all resources using the same guest network (they want to use the same Access Points), for domain users.
I'm create one access rule giving all protocols, from guest network to internal network but, for a users group from my domain. It didn't work. If i change to ALL USERS, it works. But is not safe =/. Resuming. I want to give only internet access to guests, and all access to my internal network using the same network (guest).

Thanks




paulo.oliveira -> RE: Wireless Access to clients and guests using the same Access Points (24.Aug.2009 10:12:42 AM)

Hi,

is the FWC installed on client machines?

Regards,
Paulo Oliveira.




marcoscosta -> RE: Wireless Access to clients and guests using the same Access Points (24.Aug.2009 10:22:01 AM)

No.
Because i have some linux machines in internal network...
I would like to be more transparent possible to the users...
What you suggest? (in therms of not isolate guest network)




paulo.oliveira -> RE: Wireless Access to clients and guests using the same Access Points (24.Aug.2009 11:45:52 AM)

Hi,

ISA can only authenticate web proxy (http, https and ftp download) and FWC (winsock applications).

For more info: Internal Client Concepts in ISA Server 2006

Regards,
Paulo Oliveira.




marcoscosta -> RE: Wireless Access to clients and guests using the same Access Points (24.Aug.2009 11:58:14 AM)

Ok Paulo.
I was thinking in use NAP for attend pre-requisites... Ex: the computer must be joined in domain... The others computers (guest and other OS) will be redirected to a vlan with restricted access (in this case the guest network with only HTTP / HTTPS access).
Thanks for your reply.




paulo.oliveira -> RE: Wireless Access to clients and guests using the same Access Points (24.Aug.2009 1:35:10 PM)

Hi,

you canīt enforce VPN policies using NAP+ISA 2006. This will be available on TMG (new ISA version).

Regards,
Paulo Oliveira.




marcoscosta -> RE: Wireless Access to clients and guests using the same Access Points (24.Aug.2009 2:24:03 PM)

So i cannot force guests computers to use the guest lan located in the ISA 2006, using NAP?




Page: [1]