Secure wireless

jarmentrout · ‎10-26-2005

We currently have 3 Linksys WAP54g access points using WPA-PSK.

We would like to be able to authenticate users instead of having one pre shared key for everyone.

It would be great if we could authenticate against our Windows 2003 active directory.

One other requirement would be to have a "guest" account which would be on a seperate VLAN and just have internet access and not access to corporate network.

I found a howto to setup 802.1x with RADIUS, but can't seem to make it work, and not sure how I would do the VLAN thing.

Anyone have any ideas on how to better secure our wireless network. Would like to know what others are doing?

SHANNON WYATT · ‎10-27-2005

You can use IAS (part of 2000/2003 server) to authenticate users for PEAP or EAP-TLS. Cisco has docs on setting this up for Aironet APs. You may find some docs on the Linksys site for the settings on the Linksys APs.

Linksys APs do not support multiple SSIDs, so the only way to support guest would be to purchase Cisco APs that support VLANs and Multiple SSID (the 1130s are pretty cheap) or to put in 2 seperate wireless networks, one for guests and one for employees.

aramos17428 · ‎06-17-2007

Can anyone point me to this documents for setting up the APs 1242AG?

I need to setup similar setup but with WPA and Windows 2003. Users will authenticate against the Windows 2003 AD databases

Thanks

Armando