Solved

Cisco WPA authentication without certificates

Posted on 2008-10-05
3
575 Views
Last Modified: 2013-12-09
I'm trying to set up WPA (or any other type) of encryption on a Cisco access point that pulls a username and password from my windows 2003 radius server.

The default seems to use certificates, and this is not acceptable, there are too many clients with too many operating systems involved, I can't push certificates out to them, and the users are not savvy enough to install them on their own.  I need the user's active directory logon credentials to authenticate them.  A preshared key or wep key is also not acceptable. (they will either forget it constantly or give it to people who are not supposed to have it)
0
Comment
Question by:stolenpants
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 8

Expert Comment

by:Jay_Gridley
ID: 22668425
I would think that setting up 802.1x in combination with a RADIUS server would be the way to go for you. Unfortunately I haven't set this up myself yet, but I found a link with documentation you might be able to use.
http://www.cs.umd.edu/~mvanopst/8021x/howto/ap.html

I hope this works for you.

JG
0
 
LVL 2

Accepted Solution

by:
mrnetbios earned 500 total points
ID: 22747339
PEAP using MS-CHAPv2 user authentication will do what you want.
You do not need certificates on every client, only on the RADIUS servers.

The deployment problem is that XP has defaulted to EAP-TLS in the past, but that has changed recently.
If you can deploy a wireless GPO it would help, but otherwise you have to explain how to configure the connection correctly.

0

Featured Post

Are You Ransomware's Next Victim?

Worried about ransomware attacks hitting your organization?  The good news is that these attacks are predicable and therefore preventable. Learn more about how you can  stop a ransomware attacks before encryption takes place with WatchGuard Total Security!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Multi-source agreements are important because they set standards that all manufacturers should follow to ensure that devices are compatible with multiple vendors. The multi-source agreement (MSA) is an agreement that establishes how multiple vendors…
This paper addresses the security of Sennheiser DECT Contact Center and Office (CC&O) headsets. It describes the DECT security chain comprised of “Pairing”, “Per Call Authentication” and “Encryption”, which are all part of the standard DECT protocol.
This Micro Tutorial will show you how to maximize your wireless card to its maximum capability. This will be demonstrated using Intel(R) Centrino(R) Wireless-N 2230 wireless card on Windows 8 operating system.
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…

738 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question