Guest Wifi

The 3 wifi options

Open wifi - Just click and connect
WPA2-PSK - single key on AP's and shared by all users
WPA2-Enterprise(802.1x) - AP forwards encrypted traffic to radius server, server Auth to client with Certificate, Client auth either of User+PWD, Certificate, OTP, etc.

Landing page / Portal

Re-directs initial client traffic to registration servers and only allows access once authenticated.

What is the goals/clients of guest wifi ?

Actual Corporate guests, doing presentations etc, needing internet access
Corporate users - keeping private devices e.g. Phones, of the corporate network, but still able to sync o365 email, and get teams alerts
Testing as if connected at home.

Risks:

Fake AP (Open , and psk) - wpa2-enterprise(802.1x) uses certificate to auth AP
Sniff traffic for info/passwords (Open and psk if key known), true for any other open AP,
- all client traffic should be SSL
Attack on user from other users, on same wifi. (Probes, sniffing etc.)

GuestWifi (last edited 2021-06-01 03:36:11 by PieterSmit)

Page.execute = 0.001s
getACL = 0.000s
init = 0.004s
load_multi_cfg = 0.000s
run = 0.010s
send_page = 0.009s
send_page_content = 0.001s
total = 0.015s