Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Manage Unauthorized Wireless Device on School LAN

Posted on 2013-06-13
3
Medium Priority
?
468 Views
Last Modified: 2013-07-02
Hello Everyone,

I have a Brocade Wireless Controller as well as an HP Controller serving out wireless to my students and faculty. We started out with a WPA2 PSK which ended up being compromised and now we have a flood of devices on the network. We now are looking at going to .1x authentication using a RADIUS server. Does anyone know or have ideas to accomplish allowing one authenticated session per user on the wireless infrastructure? Or how we can manage unauthorized wireless devices? We are running AD on both 2003 and 2008 Server and our clients are a mix of laptops, iOS devices, and phones. Any advice or help would be greatly appreciated!!

Thanks in advance.
0
Comment
Question by:WindhamSD
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 22

Accepted Solution

by:
Jakob Digranes earned 1000 total points
ID: 39244328
PSK tend to leak when many people have access.

You can use 802.1X with PEAP-MsChapV2 to authenticate devices using domain username and passwords to authenticate devices ---
But you cannot restrict users to one device. Then you need deploy certificates, using EAP-TLS.
Then you also have the stumbling block of enrolling certificates to all devices.
You could however get 3rd party solutions for both controlling access (Like Aruba Clearpass) or MDM software to enroll certificates.

here's a nice guide for PEAP-MsChap with 2008R2
0
 
LVL 47

Assisted Solution

by:Craig Beck
Craig Beck earned 1000 total points
ID: 39246992
If your controllers allow it, you can configure the maximum simultaneous logins.
0
 

Author Closing Comment

by:WindhamSD
ID: 39294263
Thanks guys! My controller doesn't allow it but I'm going down the MDM path using Meraki. Much appreciated.
0

Featured Post

On Demand Webinar - Networking for the Cloud Era

This webinar discusses:
-Common barriers companies experience when moving to the cloud
-How SD-WAN changes the way we look at networks
-Best practices customers should employ moving forward with cloud migration
-What happens behind the scenes of SteelConnect’s one-click button

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

After seeing many questions for JRNL_WRAP_ERROR for replication failure, I thought it would be useful to write this article.
The Summer 2017 Scholarship Winners have been announced!
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…
Monitoring a network: how to monitor network services and why? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the philosophy behind service monitoring and why a handshake validation is critical in network monitoring. Software utilized …

715 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question