Re: Is it possible to use LEAP and WPA in a single AP with same

murphychan · ‎12-05-2006

Dear all,

We are using Cisco AP1231 Access Point in our office to provide the wireless LAN and we are using LEAP for authentication. Now, we would like to use WPA (with PEAP authentication) for the new notebooks. Is it possible for a single AP to use LEAP and WPA in a same VLAN? The SSID can be same or different. Thanks.

Regards,

Murphy

rafa_lanna · ‎12-05-2006

Hi Murphy,

If you're asking if Cisco LEAP is supported by WPA WPA2, yes, like all EAP types, Cisco LEAP can be used with WPA and WPA2 networks.

But if you're asking if LEAP and PEAP works on the same AP to the same VLAN, no you can not do it. There are several differences between them that you can check on the following link at the title "EAP TYPE COMPARISONS":

http://www.cisco.com/en/US/netsol/ns339/ns395/ns176/ns178/netqa0900aecd801764f1.html

I have already configured a solution using PEAP because it was exactly what I need to provide a good authentication and attacks prevention to my customer. The document bellow was helpful in my case.

Hope it helps. If it does, please rate.

Regards,

Rafael Lanna

Dinko Mihelcic · ‎12-08-2006

Hi,

You can use Leap and Peap (and others) both with wpa on the same AP (same SSID, same VLAN) if you have auth. sever(s) that support them.

dot11 ssid ittest

vlan 100

authentication open eap peap_list (for 3rd party clients ...)

authentication network-eap leap_list (for cisco leap clients )

authentication key-management wpa

interface Dot11Radio0

...

encryption vlan 100 mode ciphers tkip

...

Regards,

Dinko

Is it possible to use LEAP and WPA in a single AP with same VLAN?