Solved

Cisco WLC security: best solution for authentication

Posted on 2009-07-01
5
667 Views
Last Modified: 2013-11-12
We have about 20 cisco wireless lan controllers in our environment, placed on different locations.
Today we broadcast two SSIDs, one with web-auth and one with WPA + WPA2+802.1X.
This is a ok solution, but we are now looking for a way to improve the security.
The perfect solution would be that we could install a certificate when we install the user computers, and that this was used to authenticate the user to the wireless network. We should also be able to distribute the certificate with a gpo setting or something like that as well, for old computers that wont be reinstalled for a while.
We also have to log all traffic with the users username, but I hope that it is enough that the user is in the domain and dont have to authenticate with credentials again when connecting to the wireless network (we use ISA server for logging).

Does anyone have a idea on how we can solve this?

Thanks in advance :)
0
Comment
Question by:evuhleye
  • 2
  • 2
5 Comments
 
LVL 12

Expert Comment

by:naykam
ID: 24791996
What server/AD environment you running?
0
 

Author Comment

by:evuhleye
ID: 25477467
We use active directory on windows 2008 server.
0
 
LVL 12

Expert Comment

by:naykam
ID: 26349155
Hi, I just saw no response on that, how did you go
0
 

Accepted Solution

by:
evuhleye earned 0 total points
ID: 26351988
I have solved this using win 2008 enterprise with network policy server.
As long as you have a CA-server, this is easy to solve using dot1x :)
0

Featured Post

How to improve team productivity

Quip adds documents, spreadsheets, and tasklists to your Slack experience
- Elevate ideas to Quip docs
- Share Quip docs in Slack
- Get notified of changes to your docs
- Available on iOS/Android/Desktop/Web
- Online/Offline

Join & Write a Comment

Need WiFi? Often, there are perfectly good networks that don't have WiFi capability - and there's a need to add it.  - Perhaps you have an Ethernet port into a network but no WiFi nearby. - Perhaps you have a powerline extender and no WiFi at the…
With the purchase of CloudCommand by Comcast customers are left in a bind as subscriptions expire and render the AP's disabled. The following will explain how to flash your Ubiquiti AP's with CloudCommand firmware back to Ubiquiti firmware. HOWTO…
This Micro Tutorial will show you how to maximize your wireless card to its maximum capability. This will be demonstrated using Intel(R) Centrino(R) Wireless-N 2230 wireless card on Windows 8 operating system.
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…

744 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now