[c-nsp] firewalling authenticated wireless traffic

scott owens scottowens12 at gmail.com
Wed Feb 10 07:52:20 EST 2010


   We offer wireless connectivity to about 500 to 1000 user/devices that
authenticate with machine & domain credentials via WPA2.
Currently we send this through a HA pair of ASA5520s where the rule for this
traffic essentially is any->any := ok.
Does anyone let this type of traffic directly into their core networks -
perhaps still restricting other type of wlans with controllers or firewalls
Did you start off with firewalls and move to direct connects, the other way
around, just do it with ACLs, treat all wireless as foreign and have to
authenticate "extra" ?
My thought is that our wireless traffic is likely more secure that our plain
wired networks - at this point without 802.1x on lan.

Thank you,

More information about the cisco-nsp mailing list