[134171] in North American Network Operators' Group
RE: Public Wireless access (ticket / token / schedule based)
daemon@ATHENA.MIT.EDU (Stefan Fouant)
Tue Dec 28 11:59:19 2010
From: "Stefan Fouant" <sfouant@shortestpathfirst.net>
To: <james@jamesstewartsmith.com>, "'Bill Lewis'" <blewis@hottopic.com>,
<nanog@nanog.org>
In-Reply-To: <927692545-1293555329-cardhu_decombobulator_blackberry.rim.net-683802757-@bda343.bisx.prod.on.blackberry>
Date: Tue, 28 Dec 2010 11:58:26 -0500
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
> -----Original Message-----
> From: james@jamesstewartsmith.com [mailto:james@jamesstewartsmith.com]
> Sent: Tuesday, December 28, 2010 11:55 AM
> To: Bill Lewis; nanog@nanog.org
> Subject: Re: Public Wireless access (ticket / token / schedule based)
>
> We've had some good success with the Cisco wireless LAN controllers in
> our office. The reception staff are given "Lobby Admin" access that
> let's them create users with a default expiry of a day (but can go up
> to 90 days I think). The wireless is technically open, but they can't
> do anything until they authenticate through the controller's web GUI.
> They we have access lists to control what they can do while on the
> wireless.
James,
Just out of curiosity, how does this solution prevent unauthorized users
from gaining access to the system by the aforementioned MAC spoofing
technique?
Stefan Fouant
