[c-nsp] firewalling authenticated wireless traffic
scott owens
scottowens12 at gmail.com
Wed Feb 10 07:52:20 EST 2010
Hello,
We offer wireless connectivity to about 500 to 1000 user/devices that
authenticate with machine & domain credentials via WPA2.
Currently we send this through a HA pair of ASA5520s where the rule for this
traffic essentially is any->any := ok.
Does anyone let this type of traffic directly into their core networks -
perhaps still restricting other type of wlans with controllers or firewalls
?
Did you start off with firewalls and move to direct connects, the other way
around, just do it with ACLs, treat all wireless as foreign and have to
authenticate "extra" ?
My thought is that our wireless traffic is likely more secure that our plain
wired networks - at this point without 802.1x on lan.
Thank you,
Scott
More information about the cisco-nsp
mailing list