Sign in
 
HomeLibraryWikiLearnGalleryDownloadsSupportForumsBlogs
Resources for IT Professionals >
FixedGuest wireless setup?

Answered FixedGuest wireless setup?

  • Tuesday, August 17, 2010 10:02 PM
     
     
    Sign In to Vote
    0

    Hello, I have a client that has a SBS 2003 setup, with a DIR-655 router that handles the Wireless lan and the Guest Wireless. The guest wireless seems to not like the sbs 2003 handling the dhcp so it will not give the clients an address. What is the easiest way for a guest wireless to be setup?

     

    The sbs 2003 is a single network card setup and running standard not preium.

    I have a standalone dell that could be turned into a firewall, if needed to segment the lan and the wireless.

     

    I solved the problem. I went with a Linksys with DD-WRT and Vlan-ed my Network.

    • Edited by Donald7777 Thursday, February 10, 2011 11:11 PM
    •  
     

All Replies

  • Tuesday, August 17, 2010 11:47 PM
    Moderator
     
     
    Sign In to Vote
    0

    Can't really say this is the easiest, since that would be a matter of individual preference, but it is the tried and true and secure way.

    http://home.comcast.net/~clearviewtc/

     

    Larry Struckmeyer
     
  • Wednesday, August 18, 2010 6:57 AM
    Moderator
     
     
    Sign In to Vote
    0

    Many of the guest wireless setups have a setting to allow/deny access to the LAN. If Denied, the SBS server is on the LAN side and therefor won't be communicating with the SBS's DHCP server.

     

    By design, it is expected the Guest Wireless would use the "routers" builtin DHCP server. Not all of these Guest Wireless (mulit SSID) routers have the ability to *enable* DHCP for the guest side  and *disable* DHCP for the Primary Wireless (& LAN connected) side.

    /kj ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
     
  • Wednesday, August 18, 2010 8:18 AM
     
     
    Sign In to Vote
    0
    indeed, this is what i seem to be running up against. sadly there is no option to allow dhcp for guest or any of the nice options. 
     
  • Wednesday, August 18, 2010 3:44 PM
    Moderator
     
     
    Sign In to Vote
    0

    Something I had on my lab to do , was to configure a guest wireless DHCP server using some open source or other cost reduced DHCP Server implemetation. Theoretically, it should work. Just have been pedal to the metal this summer and it's down on the lab list. So, if you are in a position to try it, please report back if it works for you.

    Perhaps someone else already has and can chime in.

    /kj Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
     
  • Thursday, August 19, 2010 9:32 AM
    Moderator
     
     Answered
    Sign In to Vote
    0

     

     

    Hello,

     

    Thank you for your post here.

     

    You may check whether the wireless router supports RFC 1542 (DHCP relay). You may configure a new IP subnet for wireless network and create a corresponding IP scope in the DHCP server. A RFC 1542 supported and enabled router will forward the DHCP request to your internal DHCP server and issue IP lease for wireless clients.

     

     

     

     
  • Thursday, August 19, 2010 12:30 PM
    Moderator
     
     Answered
    Sign In to Vote
    0

    Previously, if one of my customers wanted to offer guest wireless access, I would connect the guest wireless to the ISP provided router, so that it was NOT part of the SBS server LAN network. Router would have DHCP disabled. Guest wireless would use a separate IP chema (192.168.2.x) from the SBS IP schema (usually 192.168.1.x)

    Internet - Router - Switch - SBS and LAN workstations
                             - Guest Wireless

    However, in today's era, I prefer to drop in a hardware firewall (such as the Calyptix AE series) that allow me to segment out separate networks. Again the gurst wireless plugs into one port, the SBS to another.

    Internet - Router - Firewall - Port 1: Switch to SBS and LAN workstations
                                              Port 2: Guest Wireless

    With the AE firewall in place, I can monitor traffic from both ports, implement web traffic rules and implement intrusion detection/prevention controls.

    P.S. I'm not pushing the Calyptix box, it's just that's what I am currently using for several of my accounts. Other vendors have similar products and feature sets.

    -Kevin Weilbacher (SBS MVP)
    "The days pass by so quickly now, the nights are seldom long"
    KW Support MVP Blog
    MVP's do NOT work for Microsoft. We give our time freely to support the SBS community!
     
  • Friday, August 20, 2010 3:41 AM
     
     Answered
    Sign In to Vote
    0

    I do something similar using Sonicwall firewalls (such as a TZ-200 or TZ-210). I have one port designated for use by my SBS network (with the DHCP provided by the SBS server). I designate another port as a separate VLAN and can specify a separate subnet as well as have the Sonicwall provide DHCP for any connections provide through that port. Then plug in a wireless access point into it.  In addition to that, I can set rules to provide public traffic for that port to use a different static IP from the one my SBS is using.  That way, if guests come in with an infected laptop (sending out spam) , it doesn't potentially get my other public IP addresses blacklisted. Intrusion protection, spyware, and anti-virus services also used to monitor and control traffic on that port separate from the one used by the rest of my network.

    "Kevin Weilbacher [SBS MVP]" wrote in message news:63367a5d-b36f-4ac9-b5ed-ece55daea772@communitybridge.codeplex.com...

    Previously, if one of my customers wanted to offer guest wireless access, I would connect the guest wireless to the ISP provided router, so that it was NOT part of the SBS server LAN network. Router would have DHCP disabled. Guest wireless would use a separate IP chema (192.168.2.x) from the SBS IP schema (usually 192.168.1.x)

    Internet - Router - Switch - SBS and LAN workstations
                             - Guest Wireless

    However, in today's era, I prefer to drop in a hardware firewall (such as the Calyptix AE series <http://www.calyptix.com/>) that allow me to segment out separate networks. Again the gurst wireless plugs into one port, the SBS to another.

    Internet - Router - Firewall - Port 1: Switch to SBS and LAN workstations
                                              Port 2: Guest Wireless

    With the AE firewall in place, I can monitor traffic from both ports, implement web traffic rules and implement intrusion detection/prevention controls.

    P.S. I'm not pushing the Calyptix box, it's just that's what I am currently using for several of my accounts. Other vendors have similar products and feature sets.

    -Kevin Weilbacher (SBS MVP)
    "The days pass by so quickly now, the nights are seldom long"
    KW Support MVP Blog <
    http://msmvps.com/blogs/kwsupport/default.aspx>
    MVP's do NOT work for Microsoft. We give our time freely to support the SBS community!