• RSS
  • Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

Wireless Access best practices

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA Server 2004 Firewall] >> VPN >> Wireless Access best practices Page: [1]
Login
Message << Older Topic   Newer Topic >>
Wireless Access best practices - 6.Nov.2004 5:36:00 PM   
jmunyan

 

Posts: 803
Joined: 3.Feb.2001
From: Seattle, WA
Status: offline
Hi, I am considering how best to accomidate wireless access on the 2004 platform into my environnment. I have been doing some digging around the site and have been unable to find a isa 2004 specific config or tutorial. Thus I wanted to ask the group for advise, or alternativly for a location of some doc for me to review.

That said my configuration is relativly simple. internal network>>FW>>>Router>>internet. The functionality I am looking for would allow anonymous users to use my connection if they wish. Also, I would like to provide a means of providing access to my internal network to authenticated users in a secure fashon. Thus when I connect, I will be able to traverse the firewall and connect fully into my internal network. Other anonymous users will be able to simply connect get a dhcp address and surf outward without access to my internal network.

It would seem there are a couple ways one could do this. 1. put the access point in between the router and fw, 2. create a dmz segment (3rd nic) and place the access point here.

Could someone provide comment about how this would best be accomplished? If there is some doc I am missing please point me to that as well.

Thanks,

John
Post #: 1
RE: Wireless Access best practices - 7.Nov.2004 3:18:00 PM   
tshinder

 

Posts: 50013
Joined: 10.Jan.2001
From: Texas
Status: offline
Hi John,

What I do is put the WAP behind a trihomed DMZ segment. Configure the WAP as a DHCP server for the WLAN clients. Then use VPN for users on the WLAN to access the Internal network. Another way I've done it is to use the Firewall client to allow users access to the production network from the WLAN.

HTH,
Tom

(in reply to jmunyan)
Post #: 2
RE: Wireless Access best practices - 7.Nov.2004 5:56:00 PM   
jmunyan

 

Posts: 803
Joined: 3.Feb.2001
From: Seattle, WA
Status: offline
Thanks Tom, now the vpn component of this design, would you do it via pptp, or ipsec? Is there some documentation laying out what the best approach to adding the vpn component of this scenerio? I am a little rusty on the wireless component part, so whatever guidance you could give about the vpn component would be great. Is there some doc I could look at which would assist the configuration?

Thanks,

John

(in reply to jmunyan)
Post #: 3
RE: Wireless Access best practices - 13.Nov.2004 9:15:00 PM   
jmunyan

 

Posts: 803
Joined: 3.Feb.2001
From: Seattle, WA
Status: offline
Tom, could you comment on the best practice for integrating a wireless access point with ISA 2004. My current thought is that I would want to use pptp rather than ipsec. Is there any source of documentation on this, or will this be in your next book?

Thanks

John

(in reply to jmunyan)
Post #: 4

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA Server 2004 Firewall] >> VPN >> Wireless Access best practices Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts