Techniques for offering seamless accesses in enterprise hot spots for both guest users and local users
First Claim
1. A method for offering wireless network access to both guests and local users, comprising:
- sending a guest credential to a guest user;
receiving at a common wireless network access point a request for access from one of a guest and local user, said request for access from said guest user including said guest credential;
determining at the common wireless network access point whether the access request was received from local user or guest, said determining including examining a user domain of a party seeking access to determine whether such user domain designates a guest domain;
authenticating the request for access received at the common wireless network access point depending on whether the request was received from the guest or local user, wherein the authenticating step further comprises the step of communicating a request for authentication to one or more authentication servers, the authentication being performed differently depending on whether the party seeking access is a local user or a guest;
if such authentication is successful, then routing traffic from the local user differently from the guest; and
limiting traffic from said guest according to a guest access policy.
4 Assignments
0 Petitions
Accused Products
Abstract
A wireless Local Area Network (LAN 11) capable of providing “enterprise guest” hosting includes at least one an e-open wireless LAN access point (15) that provides access to both guests and local users. Upon receipt of a request for access, the access point forwards the request to an authentication proxy. The authentication proxy then authenticates the party requesting access in accordance with that party'"'"'s status (that is, whether the party is a local user or guest). Upon successful authentication, the network routes the traffic from a local user differently as compared to that for a guest. For example traffic from guests goes to gateway for receipt in an external network such as the Internet, whereas traffic from the local user goes to a local network, e.g., a corporate intranet. In this way, the Wireless LAN 11, after ascertaining the status of the party requesting access, can limit guest traffic according to the guest access policy.
26 Citations
11 Claims
-
1. A method for offering wireless network access to both guests and local users, comprising:
-
sending a guest credential to a guest user; receiving at a common wireless network access point a request for access from one of a guest and local user, said request for access from said guest user including said guest credential; determining at the common wireless network access point whether the access request was received from local user or guest, said determining including examining a user domain of a party seeking access to determine whether such user domain designates a guest domain; authenticating the request for access received at the common wireless network access point depending on whether the request was received from the guest or local user, wherein the authenticating step further comprises the step of communicating a request for authentication to one or more authentication servers, the authentication being performed differently depending on whether the party seeking access is a local user or a guest; if such authentication is successful, then routing traffic from the local user differently from the guest; and limiting traffic from said guest according to a guest access policy. - View Dependent Claims (2, 3, 4, 5, 6)
-
-
7. A wireless local area network for offering wireless network access to both guests and local users, comprising:
-
at least one common wireless network access point offering access to both guests and local users in response to a request for access, the at least one common wireless network access point receiving a request for access from one of a guest and local user, wherein the request for access from the guest user includes a guest credential, the at least one common wireless network access point determining whether the access request was received from a local user or a guest by examining if a user domain received with the access request indicates a guest domain, and the at least one common wireless network access point communicating a request for authentication to at least one server; the at least one server coupled to the at least one common wireless network access point for authenticating the request for access differently depending on whether the request was received from the guest or local user, and the at least one server also for receiving the request for authentication; means for routing traffic from the local user differently from the guest to limit traffic from said guest according to a guest access policy. - View Dependent Claims (8, 9, 10, 11)
-
Specification