02-08-2012 12:21 AM - edited 07-03-2021 09:32 PM
Hi,
I have autonomous APs installed inside my LAN (4 APs just plugged into the switch, broadcasting three available VLANs from the switch with three SSIDs). I configured 3 different WPA2 keys for them.
So when any user accesses any of them, I just type the key and the key is kept stored on the user's laptop forever, and in newer Windows OS, the user can uncheck the wireless key and can see it and give it to other unknown users who can access my LAN without being known.
So, can anyone inform me what is the best scenario to overcome this issue?
02-08-2012 02:07 AM
If you are trying to prevent users from adding their own device, why not lock down the wireless profile so they can't check that? Hopefully these are part of your domain computers. You can also do MAC filtering if you don't have many devices to manage (easy to spoof a MAC address though). Users will have to know how to spoof a MAC to bypass that. If you have AD, you can bring up a RADIUS server and do 802.1x authentication using machine authentication. But again, these have to be domain computers.
Sent from Cisco Technical Support iPhone App
02-08-2012 06:18 AM
I agree with Scott. You really want to use 802.1x authentication via RADIUS.
However, they don't necessarily need to be domain computers if you don't use machine authentication.
You can set up just AD login if you want to use non-domain machines (like Macs) too.
Ven
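The change the replies recommend, sketched as an added example that is not part of the original thread: one SSID on an autonomous AP moved from a shared WPA2 passphrase to 802.1X against a RADIUS server. It assumes a Cisco IOS autonomous AP image (exact syntax varies by release); the SSID name, VLAN number, server address, list names and secrets are placeholders.

```cisco
! Added example. SSID name, VLAN, server address, list names and secrets
! are placeholders, not values from the thread.
!
! --- Before: shared WPA2 passphrase, stored in every client profile ---
dot11 ssid CORP-EXAMPLE
 vlan 10
 authentication open
 authentication key-management wpa version 2
 wpa-psk ascii <SHARED-PASSPHRASE>
!
! --- After: WPA2 with 802.1X, each user or machine authenticates to RADIUS ---
aaa new-model
!
! RADIUS server (for example one backed by AD); 192.0.2.10 is a documentation address
radius-server host 192.0.2.10 auth-port 1812 acct-port 1813 key <RADIUS-SHARED-SECRET>
!
aaa group server radius rad_eap
 server 192.0.2.10 auth-port 1812 acct-port 1813
!
! Method list that the SSID references for EAP authentication
aaa authentication login eap_methods group rad_eap
!
dot11 ssid CORP-EXAMPLE
 vlan 10
 authentication open eap eap_methods
 authentication key-management wpa version 2
 ! no wpa-psk line: there is no shared key left for a user to read and hand out
!
interface Dot11Radio0
 encryption vlan 10 mode ciphers aes-ccm
 ssid CORP-EXAMPLE
```

With this in place, access is revoked per account or per machine on the RADIUS/AD side instead of by changing a passphrase on all four APs and every client.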