M and MSM Series
cancel
Showing results for 
Search instead for 
Did you mean: 

MSN 765ZL Deployment

 
Highlighted
Ryan LeBelle
Occasional Visitor

MSN 765ZL Deployment

Hello all,

I wanted to pick some minds here on a new wireless deployment I am working on for our network.

Currently I have a 765ZL module installed and working properly.

I would like to do the following:

1) Secure/Automatic Authentication for internal laptop users
2) If Authentication fails boot the users into the guest login (to access the guest network)
3) I want to create another VLAN for the wireless IPODs we will deplyoing for our clients within the waiting rooms.

In regards to the authentication I am a little confused as to which I should deploy. There is only 10 laptop users within the company and we do not have a current External RADIUS Server running. Domain is a full AD 2008.

The Goal is to make autheintcation for the internal users seamless and secure to connect internally (a Internal SSID), extenral users can join a guest login (Guest SSID). Also the IPOD network (IPOD SSID - which I can secure by MAC Addresses as I dont want them within my internal domain).


Anyways.. any pointer will help! Just wanted to see my options. I am a wireless newbie
1 REPLY 1
Highlighted
Fred!
Trusted Contributor

Re: MSN 765ZL Deployment

For your laptop authentication you should use the direct Active Directory integration provided with the MSM765zl. This is the best/seamless solution as it is able to use the windows credentials and authenticate the users "automatically" without them having to enter anything on their laptop.

The external guest SSID could use the integrated captive portal to authenticate guests. You would have to create guest accounts in advance in the controller in order for them to authenticate

For the iPods, I would recommend at the very least some WPA passphrase + MAC if you don't want to use RADIUS or AD. This is just a question of extra security. MAC authentication alone is not necessarily very secure.

On a side note, on my iPod I use my domain credentials and I connect directly to the same SSID as my corporate laptop. It works quite well. But then again it really depend on what you want to do.

The MSM Design Guide, but most likely the MSM Implementation Guide available on the HP Procurve portal could be a good start for you to take a look at. You will find insights on Active Directory and the Guest access as well.