Hey everyone! I'm looking for some insights on using Smoothwall appliances in educational settings. We're currently facing a major challenge at our school with its SSL login functionality. Specifically, we have to install a security certificate on every BYOD device to access the SSL login page, and it's becoming a real headache for our admin team. Has anyone else dealt with similar issues? More importantly, has anyone figured out a way to set up a secure login for BYOD users that doesn't require individual certificate installations on every single device? Any tips or alternative solutions would be super helpful!
4 Answers
You definitely shouldn't have to install the certificate on every device if you're using a certificate from a recognized certificate authority. Smoothwall tech support should be able to help you with that and reduce your workload!
It sounds like you might be over-complicating things! When I used Smoothwall years ago, we utilized a purchased SSL certificate, and it worked without needing all that manual install hassle. We just had it for the web login and didn’t run into troubles with SSL inspection. Maybe it's worth looking into?
Thanks for the input! We do have an SSL Certificate, but it seems like we still end up needing to install it on devices every single time for the web login. It's a real nuisance!
If you're going with their captive portal, using a publicly trusted certificate should work just fine—as long as your Smoothwall's hostname matches that certificate. But remember, if you’re doing SSL filtering on BYOD devices, the root certificate still needs to be installed. It’s a bummer, but that’s just the way it is. Most students usually opt for mobile data over unreliable school WiFi.
Exactly! We do have a setup where they have to accept terms via an Aruba Captive Portal before getting to Smoothwall's login and downloading the certificate. But if they don’t, they run into that annoying ‘not secure’ warning. It’s leading more of them to use their data, which is not ideal for us.
Have you thought about using RADIUS for authentication? That way, devices can connect to your network without needing to re-authenticate all the time. You can find the relevant settings under Authentication > BYOD in the Smoothwall interface.
Interesting! How do I actually add the RADIUS client? Do I use the switch addresses or just user addresses?
I actually contacted support multiple times, and they just keep telling me I need to manually install the certificate on each device. Ugh, such a hassle, especially when it's over 200 students each term.