wireless and vpn (read-only) - it. · pdf filewireless and vpn upgrade agenda § vpn...
TRANSCRIPT
Wireless & VPN Infrastructure Upgrade Project
Jean-Ray and Khalil October 2017
Wireless and VPN Upgrade
Agenda
VPN upgrade Project Current and new infra
Wireless Upgrade Project Current and new infra
Getting Ready
VPN Project
Project Scope
The scope of the project is to upgrade the VPN client and change the authentication to Active Directory
Project Delivery: New VPN client Anyconnect Decommission the old VPN client Change the authentication to AD
VPN Project
Old VPN client New VPN client
Phase1 client upgrade
VPN Current & New Infrastructure
Remote CampusWireless
Staff
Consultant
Consultant
Remote
Staff
Consultant
Consultant
ActiveDirectoryDomainController ITTStaff
ActiveDirectory
uOttawa
uOttawa
VPNCurrentinfratsructure
NewVPNinfrastructureOtherneed
Wireless Project
Project Scope:
The scope of the project is to have one single SSID eduroam serving all the users on Campus
Project delivery: Decommission the following SSIDs:
uOttawa uOttawa-WPA
Change authentication to AD Setup Captive Portal
Current Wireless InfrauOttawaSSID
eduroamSSID
uOttawa-WPASSID
ActiveDirectoryDomainController
uOttawa
guOttawaSSID
Staff
Student
Guest
ActiveDirectory
OpenAccess
New Wireless Infra
eduroamSSID
ActiveDirectoryDomainController
uOttawa
ConferenceSSID
Staff
Student
Guest
ActiveDirectory
EmployeeAccess
StudentAccess
CaptivePortal
Conference
uOttawa
IT
OpenAccess
Getting Ready for the Change
Ensure all users / devices are using SSID Eduroam
Sponsored Accounts: Some accounts may be sponsored and use
credentials starting with X+number These accounts need to use their AD credentials Some of these accounts may not have AD. Can
request via Service Desk to have one created.Firewalls:
No server-side firewall rules for WPA/Eduroam should be created to secure access.
Use VPN layer on top of Eduroam, build f/w rules based on VPN subnets.