1

My scenario is this: My manager wants random unmanaged users who come into meetings to have easy wireless access to the internet. We are running windows server 2003 with AD. The issue is our internet goes through a isa proxy on the other end of the network not managed by me.

My idea would be put a proxy between the wireless and the corporate network. Given so I would have to use the isa proxy as the upstream proxy. The only issue I have is I don't want the users to go through wireless authentication. I would like to have a proxy pass on http requests as if it were coming from the proxy itself.

If not so I would like to have it configured to use my domain user name and password so that users won't be prompted to authenticate.

I think I read somewhere I need a proxy that modifies http headers. But my my search beyond that has proved to be futile! thanks

Dennis Williamson
  • 62,149
  • 16
  • 116
  • 151

1 Answers1

1

Your solution would probably work; but I can't really say more about it.

Most modern firewall appliances have several more or less ready-made recipes for segmenting into a DMZ, trusted network, and untrusted (wireless) network. Assuming there is such an appliance upstream of your ISA, then adding the wireless there would be much cleaner IMHO.

You mention you have an upstream network that you don't control. If your boss wants the insecure wireless network set up, perhaps he should talk to the upstream department / ISP, and get the wireless connected 'upstream' of your ISA firewall?