Hey all you network folks.

That doesn't surprise me. I'll bet they have geek brain power behind it to build an isolated VLAN with it's own direct port to the internet and a modicum of access to internal network resources while being locked down to the rest of their enterprise network. I'd kill to get a look at their router configs to see what kind of magic they work with them.

We do exactly that, with Cisco APs here (internal access is by VPN only, but I'm assuming that's what you meant.) We use 802.1x for domain joined machines and U&P for consultants.
 
That doesn't surprise me. I'll bet they have geek brain power behind it to build an isolated VLAN with it's own direct port to the internet and a modicum of access to internal network resources while being locked down to the rest of their enterprise network. I'd kill to get a look at their router configs to see what kind of magic they work with them.

To follow in fly's and waw's footsteps Our office also does something similar to this.
 
We do exactly that, with Cisco APs here (internal access is by VPN only, but I'm assuming that's what you meant.) We use 802.1x for domain joined machines and U&P for consultants.

Sadly, I was looking at a highly cool but grossly over-engineered concept while negating the blatantly easy concept of just setting up a VPN into corporate resources because I'm brain damaged.

I'm a little ashamed right now. :eek:
 
Sadly, I was looking at a highly cool but grossly over-engineered concept while negating the blatantly easy concept of just setting up a VPN into corporate resources because I'm brain damaged.

I'm a little ashamed right now. :eek:

Access to corporate resources via wifi alone sounds scary to me. Yes, plz setup VPN. :p
 
Access to corporate resources via wifi alone sounds scary to me. Yes, plz setup VPN. :p

You don't want to know the security config I had envisioned in my head. Being Cisco, I figured them to have an elaborate orgasm inducing solution that involved skynet like analysis of traffic and port source and destinations in real time.

We don't have any WiFi at our locations to make HIPAA happy. Our doctors want it. I'm gonna let Denver fight that fight.
 
You don't want to know the security config I had envisioned in my head. Being Cisco, I figured them to have an elaborate orgasm inducing solution that involved skynet like analysis of traffic and port source and destinations in real time.

We don't have any WiFi at our locations to make HIPAA happy. Our doctors want it. I'm gonna let Denver fight that fight.

we had to throw wifi on a different subnet to make HIPAA happy.
 
oooh I thought this was a WAP not a Router with a WAP on it.

OK, so it's going into the wiring closet.

I used this guide to setup one of these once:

http://articles.techrepublic.com.com/5100-10878_11-6112367.html?tag=content;leftCol

actually, since purchase we've gone with a different network setup. now we have a T1 coming into the office. now an IAD-2431 connects to a NIC on our Windows Small Business Server for outward facing traffic. Another NIC on the SBS connects to the internal network via a switch. I have to try to use the wireless router as a WAP. I can either put it on the internal network (which I personally have no problem with) or put it between the outside connection and the small business server. Either way I have no idea how to configure it.
 
actually, since purchase we've gone with a different network setup. now we have a T1 coming into the office. now an IAD-2431 connects to a NIC on our Windows Small Business Server for outward facing traffic. Another NIC on the SBS connects to the internal network via a switch. I have to try to use the wireless router as a WAP. I can either put it on the internal network (which I personally have no problem with) or put it between the outside connection and the small business server. Either way I have no idea how to configure it.

Unless you can't setup a VPN for some reason, I would NOT set that wireless up on the internal network...
 
Unless you can't setup a VPN for some reason, I would NOT set that wireless up on the internal network...

we already have a VPN. i'd set it up on the internal network only if putting it between the small business server and the outside world is impossible.
 
That doesn't surprise me. I'll bet they have geek brain power behind it to build an isolated VLAN with it's own direct port to the internet and a modicum of access to internal network resources while being locked down to the rest of their enterprise network. I'd kill to get a look at their router configs to see what kind of magic they work with them.

i doubt it. companies normally neglect whatever their specialty is becuase they do it everyday. i bet they have like a d-link wireless router from walmart running the entire place.

i work for a fire alarm company and we dont even have a fire alarm in our building. up to code? just barely. :D
 
Jesus, I would hope so. :omy:

well I came in after that so thats what I was told

:shifty:

Although one place I worked at (where I had no control over the matter) was not setup that way.

and up until this new job I had never seen it done that way. So... yeah... once I found that out, I had this flashback of OMG I've worked for idiots for the past five years :lol:
 
Last edited:
So I got all 3 of them up and running, I have to go install them tomorrow. I was hoping we had some one to do that... They don't have/want a lot of security at this place, but I did give the AP closest to the conf room a guest SSID that I'll shut off from the rest of the network w/ a VLAN and an Access-list. The whole place is gigabit hardwired, I don't know why they don't just use that :/
 
i doubt it. companies normally neglect whatever their specialty is becuase they do it everyday. i bet they have like a d-link wireless router from walmart running the entire place.

i work for a fire alarm company and we dont even have a fire alarm in our building. up to code? just barely. :D

Nah, Cisco's offices, at least the Manhatten one and RTP, are like a showplace for their tech.