Educause Security Discussion mailing list archives

Re: Guest Wireless Restrictions

From: Josh Richard <jrichar4 () D UMN EDU>
Date: Tue, 8 May 2012 14:14:01 -0500

On Tue, May 8, 2012 at 1:49 PM, Nardone, Mark <m.nardone () neu edu> wrote:

Require any kind of registration or
authentication?


Cisco wireless controllers redirect to an AUP page.  Click to get
online.  No information is collected.

Restrict the bandwidth, or access to ports and
functionality in any way?


Yes. The VLANs involved are behind Debian servers that limit bandwidth
on the aggregate to some amount.  'Fairness' is achieved using SFQ
congestion control.  Rate limiting using tcng and SFQ is an
implementation of nagle that uses a hash for fairness.  Works well and
was sort of easy to setup.  The firewalls are allowing 80,443 and DNS
to our DNS servers.

Do you allow P2P from the guest range?


If it can get through on the ports above.

We also have sponsoring available for our less restricted wireless network.

-Josh

-- 
Josh Richard
Information Technology Systems & Services
University of Minnesota Duluth

Current thread:

Guest Wireless Restrictions Nardone, Mark (May 08)
- Re: Guest Wireless Restrictions Roger A Safian (May 08)
- Re: Guest Wireless Restrictions Entwistle, Bruce (May 08)
- Re: Guest Wireless Restrictions Bob Bayn (May 08)
- Re: Guest Wireless Restrictions Josh Richard (May 08)
- Re: Guest Wireless Restrictions Rich Graves (May 08)
- Re: Guest Wireless Restrictions Brian Helman (May 08)
- Re: Guest Wireless Restrictions Childs, Aaron (May 08)