Wireless Encryption with TKIP

misramanish
Level 1

I have successfully tested wireless authentication on my 1220B Aironet AP using Cisco LEAP with CiscoSecure ACS. I believe it uses dynamic WEP. Given the resources I have (ACS server, APs), is there a way to use TKIP, and/or what additional hardware/software would I need to do so? Does TKIP also require certificates? Any pointers or Cisco documentation will be helpful.

Thanks

6 Replies

You just need to configure TKIP, and your client must support it. You can use WPA with LEAP; there you don't need a CA.

Config guide:

http://www.cisco.com/en/US/products/hw/wireless/ps4570/products_configuration_example09186a00801c40b6.shtml

regards Bernhard

dtasidis
Cisco Employee

TKIP is building enhancements on WEP in order to make it more secure.

The hardware you already have should be sufficient, assuming that you are using Cisco client adapters which are the ones that support TKIP.

TKIP by itself does not require the use of certificates, it will all depend on the authentication method you're using.

Here's the link containing all the info that you will need:

http://www.cisco.com/univercd/cc/td/doc/product/wireless/airo1100/accsspts/i1232ja/i1232sc/s32wep.htm

Both previous posts were very informative. Also, is TKIP pretty much an option with Cisco Aironet clients only, or can I use it with other clients? Most of my other clients (Broadcom wireless etc.) give an option of CKIP instead of TKIP. Is it the same protocol?

TKIP is the standard; you can use it with any cards, also Cisco. CKIP is the Cisco proprietary standard of TKIP; you can use it with Cisco cards or CCX-compatible cards.

So normally TKIP is recommended.

Hope that answered your q.

bernhard

Great. I had success using WPA/TKIP and LEAP authentication. This forum is very helpful and very much appreciated.

On a related note, I'm putting a second AP in the environment to cover the whole building and have given it a different SSID. As I understand it, I still need to connect the Ethernet interface on this second AP to my network using a copper connection, right? Otherwise this new AP will not see the ACS server on the physical network. This second AP may see the first AP but that does not allow its clients to authenticate, correct?

Besides, is it a good idea to give both APs different SSIDs?

Glad to hear that the comments were helpful.

Please find the answers to your new questions below:

Q) As I understand it, I still need to connect the Ethernet interface on this second AP to my network using a copper connection, right? Otherwise this new AP will not see the ACS server on the physical network.

A) This is correct, you need to make sure that there is first physical, and then IP connectivity between your AP (and the clients associating to it) with the ACS so you can get your authentication working.

Q) This second AP may see the first AP but that does not allow its clients to authenticate, correct?

A) That is also correct. By having 2 APs with different SSIDs configured on each, your clients from one AP (as long as you do not have "guest mode" enabled on the SSID) will not be able to associate with the other.
