I am in the process of helping my boss apply some basic security to our current WLAN. The company has not applied security to this point since the information we have is not really that confidential and we are in a cynder block building which kills most of the signal before it even leaves the walls. My boss just wants a basic security measure in place to block wandering users from jumping on our wifi signal at night or something while parked outside of the building.
We are trying to implement the simplest to maintain security measures.
We have a handful of laptops and then several RF units that connect to our WLAN as well as occasional customers.
WAP would be ok except that changing the password every so often would be too much of a hassle to maintain and yet we wouldn't want a customer to have access after they leave the building.
We are considering just using MAC address blocking at the minimum. I realize that this is pretty minimal in terms of security, but that is really all we're after. Stopping Joe Blow from using our internet access at night.
Our AP-5131 has a RADIUS server built in and this authentication method seems promising.
Does anyone know how to configure the AP-5131 for using Radius?
I followed the instructions in the product reference guide -- and we all know how useful those are -- but it didn't say for sure whether you had to have WPA or something enabled to make it work so I left just the Radius with no WPA or security enabled at all.
I made a group for employees and a group for guests and a test guest for the guest group and myself in the employee group. I also made another WLAN for just guests.
When I went down to that access point and tried to logon to the internet, it did not pop up with an internet explorer message asking for a name and password. It just let me on as normal.
I'm just trying to figure out if there are any other steps that need to be taken in order to make sure that logon redirection happens. From what I can tell, it is supposed to do all of that automatically since I am using the AP's local RADIUS server for everything.
I set RADIUS to local and created the users, groups, and mapped the groups to their WLANs.
I applied everything and went to see if it had worked and it let me on without the login screen.
Am I missing something? When you use the RADIUS local, you don't need a server IP address or anything right? Shouldn't it automatically ask me for a name and password if I try to use the internet with that access point?
We have actually 2 AP-5131s and a few older motorola symbol APs that don't use the radius local. Do all of the APs have to be set up the same in order for this to work?
Right now everything is configured with bakhaul and I believe we can roam from AP to AP.
Any thoughts or suggestions would be greatly appreciated!