Go Back   Tech Support Forum > Networking Forum > Security and Firewalls

centralized authentication for decentralised Internet access

This is a discussion on centralized authentication for decentralised Internet access within the Security and Firewalls forums, part of the Tech Support Forum category. The orgnaization has 4 sites where they have a small computer lab/workspace with DSL (at each site) for accessing the


Closed Thread
 
Thread Tools Search this Thread
Old 09-12-2009, 05:40 AM   #1
Registered Member
 
Join Date: Sep 2009
Posts: 1
OS: Vista



The orgnaization has 4 sites where they have a small computer lab/workspace with DSL (at each site) for accessing the Internet. DSL services are from commercial ISPs. There are visitors going into each site and stay some time for their research work. Each site has a number of its own dekstops (Windows XP/Vista machines) and the visitors do also use their own laptops to access the Internet. A wirelss network is setup at each workspace and is protected with WEP (WPA). There are no (windows) domains or servers at these four locations. The visitors are given the WEP key (over the phone) for them to access the wireless and hence the Internet.

I wish to implement a solution where authentication is centralised at their main office (5th site). The visitors generally come to the main office first before going to other satellite sites. All they need access is Internet. Such a centralized solution will also let the organization monitor/log usage (once a visitor has managed to burn entire monthly DSL quota in 2 days and the organisation could not identify the exact person who was responsible for it). The sites are basically functioning with very minimal staff/administrative supervision.

Wireless Access Points have been recently upgraded with D-Link 3200APs, which can talk to a RADIUS server.

Is it possible for a RADIUS server to be kept at the central office for authentication & accounting though the 4 satellite sites have their own private subnets? What (cost effective) options do I have for this scenario?

__________________
patrick101 is offline  
Old 09-30-2009, 03:11 PM   #2
Registered Member
 
Join Date: Sep 2008
Location: INDIA
Posts: 101
OS: 2008/2003 Server/xp sp2/Vista/Windows Seven



Hi,

Configure the DWL-3200Ap to authenticate via radius server.

For Radius server ip address - Mention Wan(Public) ip address of the main office where you have the radius server.

In the main office router - forward a port to the radius server ip address - so any request for authentication to the main office public ip address will be forwarded to the radius server.

I believe that the server which is acting as radius server should also be a ADS(Domain) server for Authentication.

Create different users on the Ads server for authentication so that each sessions will be recorded.

Also you can identify when a particular user started the session as well as closed.


Hope this will help you.....
__________________
L8ians is offline  
Closed Thread

Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is on
Smilies are on
[IMG] code is on
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off


Post a Question


» Site Navigation
 > FAQ
  > 10.0.0.2


All times are GMT -7. The time now is 07:20 PM.


Copyright 2001 - 2014, Tech Support Forum

Windows 7 - Windows XP - Windows Vista - Trojan Removal - Spyware Removal - Virus Removal - Networking - Security - Top Web Hosts