How to weed out some unwanted wifi traffic on the gateway?

M

m1rl0b2011-07-20 12:48:30

WiFi

m1rl0b, 2011-07-20 12:48:30

The situation is as follows:
1) We have a channel to the Internet and users who use it
2) Visiting sites is controlled using pf + squid (transparent) + sams + rejik binding by IP + mac
i.e. employees can only go to non-prohibited sites.
3) There is a Dlink-320 wifi access point for visitors, from which it is allowed to visit anything, except for access to the local network.
4) Non-native employees got into the habit of visiting social networks using this wifi and their mobile phones.
So the task is, how to slaughter traffic for employees without affecting visitors?
Ps: fire, knock on the head, do not offer to take away mobile phones)

Reply

Answer the question

In order to leave comments, you need to log in

2 answer(s)

S

sn4ke, 2011-07-20
@sn4ke

Track in the logs mac'i mobile phones. I would venture to suggest that they do not know how to work with mac changers for mobile phones (although they only met for android and iOS).

M

Maxim, 2011-07-20
@Maxim_ka

In one of the organizations I met this, there is a guest WiFi, it is visible, but password-protected, by providing a badge with a visitor inscription, for example, you get access to Wifi, the password is issued by the office manager. And to control the manager's office itself, if suddenly the password leaks out to employees, the responsibility lies with the manager's office. They implemented it on some Cisco contraption for authorization. Because in order to connect, it was necessary to open the browser and enter the password in the window that opened. The password changed every day.