12-11-2003 12:31 PM - edited 07-04-2021 09:13 AM
PEAP + Dell WNics + ACS + NDS/eDir + Novell Cert Server -- Can it work?
I am supposed to do a global WLAN rollout next year and would like to use PEAP, but we are a Novell shop and use the Novell Client. Should I attempt to go down this road, or take the easy way out by making the clients VPN back in?
Thanks!
Tim
12-15-2003 12:37 PM
The MS peap supplicant only works with MS or ODBC databases.
To auth against NDS, you'll have to use either Cisco's supplicant, or third-party supplicant.
12-22-2003 11:29 AM
Yes it can work if you have the correct Dell. There are two types of EAP. One by microsoft that comes with XP SP1 and downloadable client for 2000 etc. The other is Cisco's version that uses the aironet client utility. Microsofts version does not authenticate against any user database except those that support MSCHAP (microsoft only). Cisco's supports MSCHAP and many others to include NDS and Generic LDAP. You must use Ciscos for this to be possible. In order to use Cisco's you must either have an aironet client card or have hardware that has the "Cisco Compatible Extensions (CCX) builtin. Many vendors are jumping on the CCX roadmap and these extensions are being builtin to many laptops with builtin wireless NICs. If you have the right hardware, just download the aironet client utility from cisco website and configure it as if you had a cisco nic installed. The following Link has a list of the models that have CCX. Dell is one of them, just check your model along with what they have listed. Hope this helps.
http://www.cisco.com/en/US/partner/partners/pr46/pr147/partners_pgm_partners_0900aecd800a7907.html
12-26-2003 07:56 AM
my opinion is 802.1x PEAP is only good for securing your wireless infrastructure.
however, for users in global remote locations, i would still prefer to use VPN.
VPN-Central Access Control and end-to-end encryption
802.1x-Securing the wireless infrastructure
FW-Segregating the wireless and wired segment
Anti-Virus/PFW&Patch Management-Security the Desktop
IDS/IPS-Securing the servers
what do you think ?
12-28-2003 04:41 PM
Yes, I am giving up on PEAP. I am going require the VPN client, and make it all pretty with the BBSM HotSpot.
Tim
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide