Implementing a split VLAN wireless infrastructure

To make the decision at the access point, you'd use an AP that supports VLAN tagging based on SSID. You'd define one SSID for unauthenticated Internet access (VLAN #1), and another SSID for authenticated private network access (VLAN #2). You'd need to connect your APs to a VLAN-capable switch to relay VLAN #1 traffic in one direction, VLAN #2 traffic in the other direction. You'd send VLAN #1 traffic through a web portal, for example NoCatSplash, to display your disclaimer page.

Download this free guide

PDF: How to Choose the Best Identity Access Management Software

Since mobility is a vital element in almost every modern IT shop, today's comprehensive IAM platforms should feature capabilities enabled by a mobile environment. Save this PDF to help prioritize which capabilities your business needs in IAM software.

Start Download

• Corporate E-mail Address:

  You forgot to provide an Email Address.

  This email address doesn’t appear to be valid.

  This email address is already registered. Please login.

  You have exceeded the maximum character limit.

  Please provide a Corporate E-mail Address.

By submitting my Email address I confirm that I have read and accepted the Terms of Use and Declaration of Consent.

By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.

You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

To make the decision at a wireless gateway/switch, you can use any AP and one or more SSIDs (depending on your desired link layer security architecture). The gateway/switch will be responsible for acting as the web portal, displaying a login page, letting guests "click through" without authenticating, providing real user authentication for others, and enforcing role-based access control. Many wireless gateways and switches can also apply VLAN tags based on authenticated role. Andy Dornan wrote a nice overview of WLAN gateways and switches for Network Magazine; you'll find plenty of vendor product URLs there.