Hi All,
I am new to the forum so please be gentle!

I have been doing a little work for a local charity outfit as past few years on the side, rebuilding machines, setting up emails, online backups, virus removal etc.
Recently I have migrated them from a workgroup environment into a domain environment which was a big change for them but has seemingly went quite well so far.
(One or two of them haven't yet got the concept of individual logins though!)

Hardware/Software setup:

1 x DrayTek 2830n (ADSL broadband, controls DHCP and DNS...at the moment)
2 x DrayTek AP800's (plugged into network but wireless disabled currently)
Windows Server 2012 Essentials as their onsite FileServer & Domain Controller
All Computers are running Windows 7 Pro

They aren't tech savvy in the least so basically what I want to achieve is seamless wireless authentication for the user and access into their file server for remote users working from home or other sites.
Ideally I would like to deploy the wireless (and maybe VPN) profile via group policy so they are left with little to do at their end.

I would like to keep it simple for myself as well for support purposes and troubleshooting.

The plan is to have 2 wireless networks if possible, one internal and one for guests with access to internet only (no internal resource such as printers or file servers etc)

Can you advise what methods I should use to achieve this?
What changes are needed on the Infrastructure end of things?

If you need any more info just ask.

Any help is appreciated.

Regards,
F

So you'll want two SSIDs, one normal and one guest. The guest one you'd want to set up on a separate VLAN so it can't access any of the network resources.

You'll also want to investigate setting up a RADIUS server on the Windows Server machine. The DrayTek would then point clients towards that when they try to access the 'normal' wireless network.

Hi Takeo_Ischi,
That's exactly what I am thinking.

I have 2 VLANS setup in preparation for this already.
Internal wireless (Temporarily using WPA2 PSK) is VLAN 1 and Guest (WPA PSK) is VLAN 2.

Works ok on the 2830n but haven't got it collaborating with the AP800's correctly.

I tried RADIUS but no matter what server or client configs I tried it wouldn't authenticate, always prompted again for login credentials.

Regards,
F

Have you checked this page out?

http://www.draytek.co.uk/support/guides/ap-900-managed-wireless

Hi Takeo,
Thanks, its for the AP900 but shouldn't differ too much from the 800 I would have thought.
I will look deeper into it tomorrow, I wasn't able to access this resource until I joined up. Didn't know it existed!

So basically my first step is to get access points communicating to the 2830n?

I was attempting to get the 2830n to talk to the RADIUS server first then work on the access points thereafter.


F.

Ah, sorry. I thought the 2830n might have supported Wireless LAN Management like the 2860n; nevermind.

But do check out the knowledge base, it describes what you're trying to achieve...somewhere...