GFI Software

Welcome to the GFI Software community forum! For support please open a ticket from https://support.gfi.com.

Home » GFI User Forums » Kerio Control » WPA2 Enterprise/RADUIS questions
WPA2 Enterprise/RADUIS questions [message #119130] Thu, 05 February 2015 18:40 Go to next message
chrwei is currently offline  chrwei
Messages: 186
Registered: October 2009
Before I go spending time reconfig'ing everything with the new EAP/raduis auth features, is there a way to restrict that to only trusted devices somehow? I don't want users logging in with their personal devices on the private network, and that's managed somewhat effectively with WPA2 pre-shared, but only because users tend to be too lazy to extract the key from the device config. a better way to manage this would be awesome.

if it matters, I have UniFi APs.

Report message to a moderator

Re: WPA2 Enterprise/RADUIS questions [message #119155 is a reply to message #119130] Fri, 06 February 2015 09:12 Go to previous messageGo to next message
ictandme is currently offline  ictandme
Messages: 370
Registered: August 2009
Location: Netherlands
Chris, are you using in the Unifi Controller different SSID's based on VLANs?
If so you can create in Control of course a VLAN interface and put on the VLAN MAC filtering. I have done that at a customer where centralized MAC filtering was needed. To ensure on the approved device could work on the WiFi.
And they didn't had UBNT devices.

I have here UBNT AP's and understand what you need.
But my advice is to use VLAN/SSID and centralize MAC filtering.
I guess the approved devices are the company owned devices so MAC should be a problem.

ICT and Me
Carlo Turk
The Netherlands
www.ictandme.com

[Updated on: Fri, 06 February 2015 09:15]

Report message to a moderator

Re: WPA2 Enterprise/RADUIS questions [message #119211 is a reply to message #119155] Mon, 09 February 2015 16:47 Go to previous message
chrwei is currently offline  chrwei
Messages: 186
Registered: October 2009
correct, the approved devices are company owned and users do not have local admin. I'm currently using 2 vlans, using UBNT's captive portal for the guest wifi and a basic linux router, so seems like best plan is to go in stages: first keep current wifi layout but use Control's guest lan features, then move to MAC filtering and EAP.

Report message to a moderator

Previous Topic: Load balancing on Outgoing
Next Topic: Clustering two Control systems
Goto Forum:
  

[ Syndicate this forum (XML) ] [ RSS ] [ PDF ]

Current Time: Thu Jun 08 21:25:50 CEST 2023

Total time taken to generate the page: 0.01772 seconds
.:: Contact :: Home :: Acceptable Use Policy ::.

Powered by: FUDforum 3.0.9.
Copyright ©2001-2022 FUDforum Bulletin Board Software