Hello Sophos Community Members,
I would like to share you my Wireless scenario.
Current scenario :
1 network with 1 SSID : Eg. ABC , Domain controller : DHCP, Combination of Sophos APs and Delink Wireless Devices all with the same SSID.
Domain controller DHCP serving the clients
With increasing number of wireless mobile devices
I am planning to split my network into 2 different networks :
1) 192.168.x.x series for LAN users and Local laptops (SSID : ABC) ( DHCP : Domain controller DHCP)
2) 172.16.10.x series for mobile/tab devices. (SSID : ABC_Mobile) (DHCP : Sophos UTM - DHCP)
We have all sophos products with us Sophos UTM,AP and SEC.
I would like the users of both these networks not to connect to the other one.For example : Laptop of internal network should connect only to SSID : ABC and should not be able to connect to the other network (SSID : ABC_ Mobile) and vice versa
Also I would like to seek guidance on the web filtering profile for mobile device and their authentication (AD SSO ? , CA certificate ? )
Other questions that come to mind :
1) What is the device specific web filtering profile (based on OS) and how will it help
2) How to go about with HTTPS ?
3) How do I authenticate legitimate mobile devices ? (Well MAC binding is one way !!)
Another interesting question :
We have our DC DHCP for network ABC.
For second network ABC_Mobile the DHCP is of Sophos UTM, I have a mix of APs , Sophos and a set of Delink Wireless routers
How do I force the clients connecting to Delink wireless routers to get IPs from Sophos UTM DHCP. We dont use VLANs in our network.
Come experts please guide ! Thanks
PS : Have been a fan of Sophos and its configurations since installations in our organization in 2015.
This thread was automatically locked due to age.
