Friday, January 16, 2009

Guest SSID for Autonomous AP

Some SMB offices who have an Enterprise wireless (used by their employees) would in addition to this prefer to have a Guest Wireless for their guests, which allow their guests to only access the internet but not their corporate servers or systems. For this to be implemented on an autonomous Access Point sub-interfaces need to be created on the dot11radio interface, one for Guest VLAN and one for Secure (Office) VLAN. Here in this example the Fast Ethernet port on the Access Point is divided into 3 sub-interfaces: Guest VLAN, Secure VLAN and Management VLAN (for remotely telnet'ing to the Access Point using the BVI inteface IP address ). While on the Switch, the port connected to Access Point needs to be configured as a Trunk port allowing all VLAN's and an Access List need to be applied on the Guest VLAN interface so that they cannot access the corporate network.
========================
Configuration on Access Point
========================
dot11 ssid Secure
  vlan 201
  authentication open
  authentication key-management wpa
  wpa-psk ascii 7 12495447445B54340F1915
!
dot11 ssid Guest
  vlan 202
  authentication open
  authentication key-management wpa
  guest-mode
  wpa-psk ascii 7 106B27332A2E25222A2D
!
!
!
interface Dot11Radio0
 no ip address
 no ip route-cache
 !
 encryption vlan 201 mode ciphers tkip
 !
 encryption vlan 202 mode ciphers tkip
 !
 ssid Secure
 !
 ssid Guest
 !
 speed basic-1.0 basic-2.0 basic-5.5 basic-11.0 6.0 9.0 12.0 18.0 24.0 36.0 48.0 54.0
 station-role root
 bridge-group 1
 bridge-group 1 block-unknown-source
 no bridge-group 1 source-learning
 no bridge-group 1 unicast-flooding
 bridge-group 1 spanning-disabled
!
interface Dot11Radio0.201
 encapsulation dot1Q 201 
 no ip route-cache
 bridge-group 201
 bridge-group 201 subscriber-loop-control
 bridge-group 201 block-unknown-source
 no bridge-group 201 source-learning
 no bridge-group 201 unicast-flooding
 bridge-group 201 spanning-disabled
!
interface Dot11Radio0.202
 encapsulation dot1Q 202 
 no ip route-cache
 bridge-group 202
 bridge-group 202 subscriber-loop-control
 bridge-group 202 block-unknown-source
 no bridge-group 202 source-learning
 no bridge-group 202 unicast-flooding
 bridge-group 202 spanning-disabled
!
!
!
interface GigabitEthernet0
 no ip address
 no ip route-cache
 duplex auto
 speed auto
 hold-queue 160 in
!
interface GigabitEthernet0.200
 encapsulation dot1Q 200 native
 no ip route-cache
 bridge-group 1
 no bridge-group 1 source-learning
 bridge-group 1 spanning-disabled
!
interface GigabitEthernet0.201
 encapsulation dot1Q 201
 no ip route-cache
 bridge-group 201
 no bridge-group 201 source-learning
 bridge-group 201 spanning-disabled
!
interface GigabitEthernet0.202
 encapsulation dot1Q 202
 no ip route-cache
 bridge-group 202
 no bridge-group 202 source-learning
 bridge-group 202 spanning-disabled
!
interface BVI1
 ip address 10.0.200.4 255.255.255.0
 no ip route-cache
===================
Configuration on Switch
===================
interface Vlan202
 description *** Guest Wifi VLAN ***
 ip address 10.0.202.1 255.255.255.0
 ip access-group 101 in
!
interface Vlan200
 description *** Management VLAN ***
 ip address 10.0.200.1 255.255.255.0
!
interface Vlan201
 description *** Secure Wifi VLAN ***
 ip address 10.0.201.1 255.255.255.0
!
!
access-list 101 deny ip 10.0.202.0 0.0.0.255 10.0.200.0 0.0.0.255
access-list 101 deny ip 10.0.202.0 0.0.0.255 10.0.201.0 0.0.0.255
access-list 101 permit ip any any
Posted by at 1 comment:

Thursday, January 8, 2009

MS Office Excel Date Difference

Last week a person in my office asked me how to find the difference between two dates in MS Office Excel (a typical question during year ending)i.e., in days, months and years. I like challenges and this one seemed like one, my programming skills kicked in and I was making all kind of ugly equations especially since I have hardly worked with Excel. Later a search in google revealed that MS Office Excel already had a function to solve this (what a waste of my time). Here it is for all you out there who are searching for this.

=DATEDIF(F11,G11,"y") & " years " & DATEDIF(F11,G11,"ym") & " months "&DATEDIF(F11,G11,"md")&" days" 


Posted by at No comments:

Monday, January 5, 2009

Adding Checkbox in MS Office Word 2007

Recently I was scratching my head to find a way to add checkbox in MS Office Word 2007, It took me a while to find the solution. If you have also stumbled on this problem, you can follow these steps:

Click on the Microsoft Office button (on the left top corner) in MS Word 2007, then click on "Word Options" in the drop down list. From the Word Options window select the "Popular" Page. Check the box next to "Show Developer tab in the Ribbon" and click ok.

Now click on the Developer Tab that will appear on the MS Word 2007 Ribbon. Select the location where you want the checkbox and then click on Legacy Tools (in the "Controls" panel) and select checkbox.
Posted by at No comments:
Subscribe to: Posts (Atom)