Does WDS work with PEAP

jaltmann
Level 1

I want to find out if the ability to use WDS to cut down authentication times is only available with LEAP, or can you use it with PEAP authentication at this time?


I am actually interested in Microsoft PEAP (MS-CHAP-V2) authentication. I am trying to find out if WDS will work with this. This scenario would use Cisco 1231 APs configured for 802.1x authentication, with Microsoft IAS as the RADIUS server. I would like to cut down on reauthentication times.

Yes and no. Infrastructure APs have to authenticate and register to the WDS device before the infrastructure APs can associate wireless clients. Up to now, infrastructure APs use LEAP to authenticate against the WDS device. As IAS does not support LEAP (we have asked Microsoft to support LEAP, but Microsoft says no), you need to use another RADIUS server to authenticate the infrastructure. Good choices are Funk's Steel-Belted Radius server, ACS, or the local RADIUS server on the WDS AP.

Then, you configure the WDS device to point to an IAS server for client authentication.

Thanks for the information! So I could use a local RADIUS server (LEAP) to authenticate the APs (w/ WDS) and still use IAS to authenticate the Microsoft PEAP clients. Does this mean that the clients would not need to reauthenticate to the IAS server every time they roamed to a new AP? This is really the issue. If the clients would just authenticate using PEAP for the first authentication and then use LEAP w/ WDS to roam between the access points, that solution would work perfectly. The client devices are dropping their session to the host because of the long PEAP reauthentication times. I am hoping this will stop the clients from reauthenticating. LEAP would be fine for authenticating the APs. I just need to use MS PEAP for the clients.

Does anyone have any information about the client requirements for this? Can I use any laptop with a MC client configured for PEAP, or do you have to have a client capable of CCKM for this? It looks like the network backbone piece will work for my issue. I am just not sure about the ability to use clients with Microsoft client software configured for PEAP.

Typo on last post - Change to: Can I use any laptop with a Microsoft wireless client configured for PEAP

Thanks

Does this mean that the clients would not need to reauthenticate to the IAS server every time they roamed to a new AP?

Answer: No. If you do not use CCKM, the clients have to re-authenticate to the IAS server every time they roam to a new AP. Please be aware that there are 2 phases in PEAP. Some wireless clients may go to phase 2 when they roam to a new AP.

If you use Microsoft's supplicant, please try to enable "Fast reconnect". That may help.
