I have been charged with the feat of setting up a secure wireless network for our entire office. I have identified 5 common area locations where an AP would fit well.
Currently we have a test AP on our public switch (before the firewall) and users must log into our VPN after they associate with the AP in order to access any internal resources. However, they cannot access the internet. While this is the most secure, I think setting up a proxy to allow people to get back outside is sort of a hack.
What I want to do is set up these 5 APs through internal switches, enable MAC filtering, WPA2, put all the APs on their own subnet, and call it a day. I have access to all of the MAC addresses for every wireless device so after entering them all into a one AP, it would be nice to be able to export that config file and upload it to every other AP.
Is this the way most other companies implement a wireless solution? Are there better ways?
Currently we have a test AP on our public switch (before the firewall) and users must log into our VPN after they associate with the AP in order to access any internal resources. However, they cannot access the internet. While this is the most secure, I think setting up a proxy to allow people to get back outside is sort of a hack.
What I want to do is set up these 5 APs through internal switches, enable MAC filtering, WPA2, put all the APs on their own subnet, and call it a day. I have access to all of the MAC addresses for every wireless device so after entering them all into a one AP, it would be nice to be able to export that config file and upload it to every other AP.
Is this the way most other companies implement a wireless solution? Are there better ways?