I was wondering if someone could point me in the direction of adding a registration page to my guest network. I would like to monitor websites, etc to prevent any fraudulent activity on my network. Thanks in advance.
Anything is possible if you are willing to invest time etc.
When you say registration page how exactly do you mean? Talk me through a step by step process as if you are the user connecting and using resources/services on your network. i.e:
1. Log on (local or domain user?)
2. Connect to Wireless network (encryption? - key provided?)
3. Open IE
.....and so on.
Can you provide me with some details as to your network setup? ideally:
Is your server an FRDC? do you have a secondary DC? any member servers?
IIS configured on FRDC/DC?
How many users/workstations?
If you have a guest network and wish to monitor web useage, in achieving this we must establish a way of highlighting an individual user - in order to know exactly who has accessed what. A registration page etc. is pretty straight forward and could be achieved with something as simple as PHP linked to a MySQL/SQL DB. Enabling a user to register and also login etc.
BrokenAtari - good suggestion! Only issue I could see with that is if the user needs access to other resources across the network e.g. shares, printers etc. the point of using a radius server for authentication would be deemed pointless, if this were the case, as you are allowing more access to a network than the a Radius setup is meant for.
Put a computer designated as a firewall + sniffer in between the public network and his network. Then adjust the firewall to allow certain features. Have a special dns running on the firewall computer.
Why not just user account permissions? Guest accounts can get on the same network but have no access to printers etc, only web. A little higher up gets more access and so on to adminship. Of course this will open up a less secure network but what's the % of people who'll use your guest account that'll even bother to hack you? They could do it even without a guest network access to begin with, so in the end, guest accounts with permissions might be the simpliest.