Wireless Access

Hey friends,

Could you please suggest a fix for this issue?

One of our customer complained that a network technician was able to access the internet without the need to authenticate against their guest wifi captive portal on Aruba Wifi.

He infomred that the network tech used Netscout to sniff into the Guest Wifi network.

Please input your valuable thoughts to resolve this issue.

Many thanks,

Pravesh

how about starting with the captive portal pre-auth role and checking its ACLs for gaps, errors, openings.

You mention that guest wifi can be sniffed and that the user does not require authentication.

Any non-encrypted WLAN traffic can be sniffed and that cannot be prevented.

Those devices can also spoof mac addresses and ip addresses to gain access to the guest network.

Long story short, I would layer something on top of that network like a preshared key to make it more difficult to sniff and access.

Thanks for your insight Colin.

Could you please give a explain in layman term what I need to do exactly to enable this preshared key?

Thanks in advance.

Pravesh

You would make your network a WPA2-PSK network instead of an open (unencrypted) network.  Again, the implementation of your guest network determines the security, so just adding a PSK is not the final answer.