<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<meta name="Generator" content="Microsoft Word 15 (filtered medium)">
<style><!--
/* Font Definitions */
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Times New Roman",serif;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:purple;
text-decoration:underline;}
p.msonormal0, li.msonormal0, div.msonormal0
{mso-style-name:msonormal;
mso-margin-top-alt:auto;
margin-right:0in;
mso-margin-bottom-alt:auto;
margin-left:0in;
font-size:12.0pt;
font-family:"Times New Roman",serif;}
span.hoenzb
{mso-style-name:hoenzb;}
span.EmailStyle19
{mso-style-type:personal-reply;
font-family:"Arial",sans-serif;
color:#1F497D;}
.MsoChpDefault
{mso-style-type:export-only;
font-family:"Calibri",sans-serif;}
@page WordSection1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
</head>
<body lang="EN-US" link="blue" vlink="purple">
<div class="WordSection1">
<p class="MsoNormal"><span style="font-family:"Arial",sans-serif;color:#1F497D">We are currently using open-mesh APs with client isolation enabled. To be honest, I’m not sure that setting a password protected SSID would protect users from each other unless
you do some manner of work beyond that point to isolate their traffic from one another. After all, if my patrons know how to connect, can’t the person with a packet sniffer connect as well? <o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-family:"Arial",sans-serif;color:#1F497D"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="font-family:"Arial",sans-serif;color:#1F497D">That said, I tend to view networking as akin to “the dark arts”. Do any genuine “defense against the dark arts instructors” have thoughts about this?
<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-family:"Arial",sans-serif;color:#1F497D"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="font-family:"Arial",sans-serif;color:#1F497D"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="font-family:"Arial",sans-serif;color:#1F497D">Have a good day.
<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-family:"Arial",sans-serif;color:#1F497D"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="font-family:"Arial",sans-serif;color:#1F497D">Joe<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-family:"Arial",sans-serif;color:#1F497D"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="font-family:"Arial",sans-serif;color:#1F497D"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Arial",sans-serif;color:#1F497D">Joseph Knueven, Director<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Arial",sans-serif;color:#1F497D">Germantown Public Library<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Arial",sans-serif;color:#1F497D">51 North Plum Street<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Arial",sans-serif;color:#1F497D">Germantown, OH 45327<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Arial",sans-serif;color:#1F497D">937-855-4001</span><span style="font-size:11.0pt;font-family:"Arial",sans-serif;color:#1F497D"><o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-family:"Arial",sans-serif;color:#1F497D"><o:p> </o:p></span></p>
<p class="MsoNormal"><b><span style="font-size:11.0pt;font-family:"Calibri",sans-serif">From:</span></b><span style="font-size:11.0pt;font-family:"Calibri",sans-serif"> OPLINTECH [mailto:oplintech-bounces@lists.oplin.org]
<b>On Behalf Of </b>Ken Butler via OPLINTECH<br>
<b>Sent:</b> Thursday, July 20, 2017 4:02 PM<br>
<b>To:</b> Phil Shirley <pshirley@cuyahogafallslibrary.org><br>
<b>Cc:</b> OPLINTECH <OPLINTECH@lists.oplin.org><br>
<b>Subject:</b> Re: [OPLINTECH] Secure wifi with password in the SSID<o:p></o:p></span></p>
<p class="MsoNormal"><o:p> </o:p></p>
<div>
<p class="MsoNormal">We use NAT Mode on our Meraki wireless APs. They're essentially their own networks with their own private DHCP scope. They also provide wireless client isolation - wireless clients can't talk to one another. No password is needed to connect,
but connected devices must pass through our captive portal and agree to our wireless terms of use before they are granted access to the internet.<o:p></o:p></p>
</div>
<div>
<p class="MsoNormal"><o:p> </o:p></p>
<div>
<p class="MsoNormal">On Thu, Jul 20, 2017 at 3:41 PM, Phil Shirley via OPLINTECH <<a href="mailto:oplintech@lists.oplin.org" target="_blank">oplintech@lists.oplin.org</a>> wrote:<o:p></o:p></p>
<blockquote style="border:none;border-left:solid #CCCCCC 1.0pt;padding:0in 0in 0in 6.0pt;margin-left:4.8pt;margin-right:0in">
<p class="MsoNormal" style="margin-bottom:12.0pt">Our wireless internet access for the public is not secure (it doesn't require a password, so it's not encrypted). I would like to add a more secure option and give people the password by putting it the SSID
name (something like "CFL secure - password is fallslibrary"), so that the traffic on their radio transmissions will be encrypted.<br>
<br>
I would be interested to know if any other libraries are doing that, and, if so, if you also offer an option without a password. I'm inclined to offer both at first and then try taking away the non-encrypted option, but I worry that a few devices won't work
with the encrypted option. Any thoughts on this?<span style="color:#888888"><br>
<br>
<span class="hoenzb">Phil</span><br>
<span class="hoenzb">-- </span><br>
<span class="hoenzb">Phil Shirley</span><br>
<span class="hoenzb">Technology Services Coordinator</span><br>
<span class="hoenzb">Cuyahoga Falls Library</span><br>
<span class="hoenzb">Cuyahoga Falls, Ohio</span><br>
<span class="hoenzb"><a href="tel:330-928-2117%2C%20ext.%20109" target="_blank">330-928-2117, ext. 109</a></span><br>
<span class="hoenzb"><a href="mailto:pshirley@CuyahogaFallsLibrary.org">pshirley@CuyahogaFallsLibrary.org</a></span><br>
<span class="hoenzb">_______________________________________________</span><br>
<span class="hoenzb">OPLINTECH mailing list</span><br>
<span class="hoenzb"><a href="mailto:OPLINTECH@lists.oplin.org" target="_blank">OPLINTECH@lists.oplin.org</a></span><br>
<span class="hoenzb"><a href="http://lists.oplin.org/mailman/listinfo/oplintech" target="_blank">http://lists.oplin.org/mailman/listinfo/oplintech</a></span></span><o:p></o:p></p>
</blockquote>
</div>
<p class="MsoNormal"><br>
<br clear="all">
<o:p></o:p></p>
<div>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
<p class="MsoNormal">-- <o:p></o:p></p>
<div>
<div>
<p class="MsoNormal"><span style="font-size:10.0pt">Ken Butler<br>
<a href="mailto:hcotech@holmeslib.org" target="_blank">hcotech@holmeslib.org</a><br>
Head of Information Technology</span><o:p></o:p></p>
<div>
<p class="MsoNormal"><span style="font-size:10.0pt">Holmes County District Public Library<br>
3102 Glen Drive<br>
Millersburg, OH 44654<br>
PH: 330-674-5972 ext 224</span><span style="font-size:9.5pt"><o:p></o:p></span></p>
</div>
</div>
</div>
</div>
</div>
</body>
</html>