managing access points

By Squall_Leonheart
in Smart Home, Network & Security

 Share

Recommended Posts

Collaborator

Squall_Leonheart

Posted
Posted

Hi everyone i'm having a problem here. One of my team member is leaving and the management wants all the wireless access point WEB key changed so that the ex-team mate will not be able to do any harmful thing to the organization. This organization is using a lot a lot of APs. 20 branches and each branches is using around 15 APs.

My initial thinking is that to set up a router in between so that i can filter out all the MAC address that i don't want. I than realized that the MAC address filtering is only available for wireless devices. Devices that use network cable will not work.

Changing of AP's WEB key extremely uncomfortable for me as there are too many APs. Anyone can come out with something easier? Thanks a million.

Link to comment
https://www.neowin.net/forum/topic/661696-managing-access-points/
Share on other sites
Grand Master

+BudMan MVC

Posted
  • MVC
Posted

So your saying each accesspoint is stand alone, and has its own password to access your network? Yeah thats fine for 1 or 2 in a ma and pa shop.. You say you have like 20 x 15 = 300 of them..

As mentioned Cisco makes a great wireless controller. What type of access points are they?

I would assume they support radius, which would be a central form of auth, and yes would remove your issue of having to change something on all 300 of them.

Collaborator

Squall_Leonheart

Posted
  • Author
Posted

they are d-link AP2000 and dlink ap2100. WEB key and SSID must be set in every AP in order for the AP to work, they are all in the same network. is my initial thinking making any sense? Any router can achieve that?(filtering MAC address for wired network? Why radius network work? is it because of shorter coverage? Any solution or suggestion is well come thank a million again.

Grand Master

+BudMan MVC

Posted
  • MVC
Posted

When you say "WEB" do you mean WEP or WPA -- what is a WEB key?? Are they running some hotspot type portal that users auth too?

Or do the users just use the WEP or WPA preshared key? Thats crazy with more than a couple of APs.. You need to set them up to use a enterprise type solution, ie Radius to auth to your AD or central userbase. So every user's account would be used to auth to your wireless network.

This way when an employee leaves, you just disable their account and they no longer have access to your wireless network. So your what changing your wireless security every time an employee leaves or gets let go? On 300 APs? Thats nuts.

How did ever get to be that many?? Once you hit more than a handful a better way should of been looked into ;)

Not sure what your wanting to do with mac filtering -- your going to filter on mac for every single user machine that might connect to your wireless network? Other than being an logistics nightmare, mac filtering is not a form of security - control yes, security NO!

From a quick look at the product page of the AP2100 it states it supports SNMP management. Then would be your best best for changing all of their settings without having to connect to every single AP interface..

SNMP Management;

The DWL-2100AP is not only fast but it also supports SNMP v.3

for better network management. A Wireless AP Manager software

is available with the DWL-2100AP for network confguration

and frmware upgrades via a web-based confguration utility.

For Enterprise networks, the DWL-2100AP supports network

administration and real-time network traffc monitoring via D-Link?s

D-View Network Management software.

I took a quick look at the emulator, and the 2100 shows a WPA or WPA2-EAP mode, to allow pointing to a radius server to auth your users. I would look into the snmp management features of those devices, and then change them to auth your users to your radius server.. In the windows word you can can use IAS http://technet.microsoft.com/en-us/network/bb643123.aspx , or you could always just setup FreeRadius. http://freeradius.org/

This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.