Re: WAP4410n authenticating to Active Directory

PalladyneInternational · ‎08-23-2011

Hello all,

I have a WAP4410n which I'd like to authenticate users against our corporate active directory. I would like to know how to achieve this - whether we require a dedicated RADIUS server, whether AD has a RADIUS engine which can be used, etc. Also, what would the pros / cons be of this setup versus using a WPA2 password?

regards

Malcolm

jasbryan · ‎08-24-2011

HI,

Then only configuration you need to do in the WAP4410N is set the security mode to WPA2 enterprise,

Enter RADIUS server IP address ••à

RADIUS port number (1812)

Shared Secret (phase of RADIUS server key)

Key Renewal Timeout (keep at default setting)

This is all the configuration you will need to do in the WAP4410N, All other configuration will be done on the Microsoft Server and client Side. Many customer calls for support when they are trying to use RADIUS with the AP and the AP is only passing all wireless traffic to RADIUS server (It will be a RADIUS problem not AP problem). The WAP4410N is only providing wireless connection to the client at this point. It’s not doing any authentication all is done between Client and RADIUS server

.

SEE MICROSFOT FORMS FOR THE CONFIGURATION OF RADIUS SERVER AND CLIENTS.

Cons:

For most users (Very difficult to implement)

Can be Complex implementation

Pros:

Auditing, seeing who is logged on and when

Scalability over a Wide network.

All users don’t’ have same security key (authentication via user name and password)

Greater Security

Central point of administration

Thanks,

Jasbryan

Cisco Support Engineer

.:|:.:|:.

PalladyneInternational · ‎08-24-2011

Dear Jasbryan,

Thank you so much for this information, which has been hugely valuable. As always, I shall post a closure to my request once I get this solution completed.

Warm regards

Malcolm