1

At one of my client's sites I need to keep my users unauthorized devices off the wireless. They all know the SSID and Password because many of them have laptops that need the wireless. I'm running out of IP address's and we have sent out numerous emails asking them to stay off, but like most users they ignore IT's email. I'm currently running Server 2003 as the GC/DC (but have 2008 servers in place) and 2 Netgear WNAP320. I've seen several posts similar to what I'm looking for but they seem to deal with Linux. My question is how do I go about doing this without migrating (scheduled for the end of the year) to a new server and is it possible to do this within Server 2003?

Thanks msindle

msindle
  • 605
  • 8
  • 26

1 Answers1

1

MAC filtering is probably not your best bet. Having said that, MAC filtering is typically a function of your Wifi radios. The WNAP320 does have MAC filtering capability but loading a bunch of MAC addresses into your radios will be a pain.

The WNAP320 also supports 802.1x authentication, which is what I'd recommend. You can force client devices to authenticate before being allowed to associate with the wireless network. I wrote about doing this in a Windows environment in 2010 and I think it would apply well to your situation. Depending on the Windows operating system versions of your clients you may be able to get away w/ using only computer authentication (Windows 7 supports this) and you'll be able to lock the Wifi network down to a specific group of computer accounts.

The RADIUS server in Windows Server 2003 will definitely do what you need to make this happen. I've never used the WNAP320 but, so long as it isn't brain-damaged, you should have success.

Community
  • 1
Evan Anderson
  • 141,881
  • 20
  • 196
  • 331