-----Original Message----- From: james@jamesstewartsmith.com [mailto:james@jamesstewartsmith.com] Sent: Tuesday, December 28, 2010 11:55 AM To: Bill Lewis; nanog@nanog.org Subject: Re: Public Wireless access (ticket / token / schedule based)
We've had some good success with the Cisco wireless LAN controllers in our office. The reception staff are given "Lobby Admin" access that let's them create users with a default expiry of a day (but can go up to 90 days I think). The wireless is technically open, but they can't do anything until they authenticate through the controller's web GUI. They we have access lists to control what they can do while on the wireless.
James, Just out of curiosity, how does this solution prevent unauthorized users from gaining access to the system by the aforementioned MAC spoofing technique? Stefan Fouant