cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
633
Views
0
Helpful
2
Replies

Dynamic WEP-keys or WPA with PEAP? risks etc

walruspro
Level 1
Level 1

Hello!

We are bound to deploy a large WLAN at a school here, both for student and employee acess. We have a wired system based on 802.1x and PEAP so we are going to keep PEAP for the WLAN as authentication mechanism.

The AP's will probably be 1230 and a complete mixture of client-adapters (especially from students), we can rule wich adapters the employees are "permitted" to use.

Now to the encryption-issue... As we see it it is the WPA-concept OR dynamic WEP-keys(fast aging of both broadcast and session-keys). What are the pro's and con's here? Considering security and access?(students with adapters that don't support WPA) One option is of course to force users to user WPA-only adapters.

How great is the "realistic" risk of unauthorized access with dynamic wep-keys vs WPA? Is there any documented methods on breaking "5 mins alive"WEP-keys?

I dont think you can run both WPA and WEP in the AP and differentiate in wich SSID the client connects to?

/Fred - Sweden

2 Replies 2

wong34539
Level 6
Level 6

I think you can achieve this by using VLAN in Access Points. To know more go through the following document,

http://www.cisco.com/en/US/products/hw/wireless/ps4570/products_configuration_example09186a00801d0815.shtml

jczaplewski
Level 1
Level 1

There is a good argument to go WPA vs dynamic wep, but as you seem to alude to, you know that WPA is as prevalent as it's supposed to be (what happend to Aug 2003? ).

Anyway, dynamic WEP, rotated frequently enough, will provide you adequate encryption of the air waves, if you combine it with PEAP for user authentication, imho.

Review Cisco Networking for a $25 gift card