Cisco WPA authentication without certificates

I'm trying to set up WPA (or any other type) of encryption on a Cisco access point that pulls a username and password from my windows 2003 radius server.

The default seems to use certificates, and this is not acceptable, there are too many clients with too many operating systems involved, I can't push certificates out to them, and the users are not savvy enough to install them on their own.  I need the user's active directory logon credentials to authenticate them.  A preshared key or wep key is also not acceptable. (they will either forget it constantly or give it to people who are not supposed to have it)
Who is Participating?
mrnetbiosConnect With a Mentor Commented:
PEAP using MS-CHAPv2 user authentication will do what you want.
You do not need certificates on every client, only on the RADIUS servers.

The deployment problem is that XP has defaulted to EAP-TLS in the past, but that has changed recently.
If you can deploy a wireless GPO it would help, but otherwise you have to explain how to configure the connection correctly.

I would think that setting up 802.1x in combination with a RADIUS server would be the way to go for you. Unfortunately I haven't set this up myself yet, but I found a link with documentation you might be able to use.

I hope this works for you.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.