Goals:
1. Creating the secure wireless connection to the company network.
2. Creating separate wireless connection to the internet for guests.
I chose HP ProCurve MSM710 Mobility Controller.
VCS configuration:
VCS profile name: Employees.
In this case I will use external RADIUS Server for authentication so after sucessfull authentication user has full access to corporate network.
Use Service Controller: only Authentication
Virtual AP: WLAN Name (SSID) Employees
Wireless Protection: WPA
Mode: WPA2(AES/CCMP)
802.1X authentication
Remote: RADIUS
uncheck: Wireless security filters
VCS profile name: Guest
In this case we use HTML authentication, so controller will work as authentication and accesss control server.
Use Service Controler for: Authentication
Access Control
Virtual AP: WLAN Name (SSID) Guest
Client data tunnel:
mark: Always tunnel client traffic
mark: HTML-based user logins
mark: DHCP Server (for example)
Now we have to bind our VSC to group of controlled APs. On Network Tree we chose Controlled APs group (in this case Default Group)
next: VSC bindings:
Add New Binding:
Now we have to configure our internet connection in "Network - Ports - Internet port, DNS, IP Routes" etc.
In "Address allocation" we have turn on DHCP for WiFi guests clients:
We need only DHCP for wirelles clients. Uncheck Listen for DHCP requests on: LAN port
Now we need to create some user account for tests.
