 StuartMWWho Is John Galt?Premium
join:2000-08-06
Galt's Gulch
kudos:2
 ·CenturyLink
| reply to EGeezer
Re: Router security said by EGeezer:I suggest investigating VLANs as a possible security feature. That's what I'm considering doing as my router supports VLAN's.
But as you said it's not trivial to configure and I want to think about the implications (what can talk to what etc) before I dive in.
--
Don't feed trolls--it only makes them grow! |
|
 EGeezerGo CatsPremium
join:2002-08-04
Midwest
kudos:8
1 edit | Stuart, you may like this configuration example;
»www.youtube.com/watch?v=tbG9YboATvA
I See ZyXel has a SOHO router line that supports both VLAN and imbedded RADIUS server.
See »www.zyxel.com/products_services/···html?t=p
Also see discussion at
»VLAN routing help needed (USG50)
The big problem I have with my RADIUS implementation is that I can't configure smartphones, tablets, printers etc. to connect . They don't seem to have any WPA2 enterprise support.
|
|
 rcdaileyDragoonflyPremium
join:2005-03-29
Rialto, CA
 ·RoadRunner Cable
| Do I understand you to mean that the smartphones, etc., do not have WPA2 enterprise support? I think that must be true, as I have not seen that available in smartphones that I allowed. They do support WPA2 (non-enterprise).
--
It is easier for a camel to put on a bikini than an old man to thread a needle. |
|
EGeezerGo CatsPremium
join:2002-08-04
Midwest
kudos:8 | said by rcdailey:Do I understand you to mean that the smartphones, etc., do not have WPA2 enterprise support?
That has been my experience. I've not seen the ability to configure 802.1x RADIUS authentication on the devices I've encountered. |
|
rcdaileyDragoonflyPremium
join:2005-03-29
Rialto, CA Reviews:
·RoadRunner Cable
3 edits | OK, that's what I thought. The router I have dealt with in this situation can support VLAN and also WPA2-Enterprise, but all those smartphones don't understand WPA2-Enterprise.
I wonder whether you can use WPA2-Enterprise mixed and it would work with the smartphones? I have not tested this. After some checking, I think this probably would not work, either. I also found some commentary about WPA2-Enterprise and Apple iOS5 having issues with connecting.
--
It is easier for a camel to put on a bikini than an old man to thread a needle. |
|
|
|
StuartMWWho Is John Galt?Premium
join:2000-08-06
Galt's Gulch
kudos:2 Reviews:
·CenturyLink
| reply to EGeezer
said by EGeezer:Stuart, you may like this configuration example;
Thanks. My router doesn't implement all the features described in that clip but I now have VLAN's up and going 
PC's (no wi-fi anymore--all cabled) in one.
Wi-fi stuff in another.
VOIP in another.
I may have to tweak things a little but I think my LAN is more secure
--
Don't feed trolls--it only makes them grow! |
|
EGeezerGo CatsPremium
join:2002-08-04
Midwest
kudos:8 | said by StuartMW:... but I now have VLAN's up and going
PC's (no wi-fi anymore--all cabled) in one.
Wi-fi stuff in another.
VOIP in another.
I may have to tweak things a little but I think my LAN is more secure
Woohoo! Virtual beer for you! |
|
StuartMWWho Is John Galt?Premium
join:2000-08-06
Galt's Gulch
kudos:2 Reviews:
·CenturyLink
| said by EGeezer:Virtual beer for you!
Thanks for the offer but I have the real stuff in the fridge 
--
Don't feed trolls--it only makes them grow! |
|
