Matt,
We use it and have had no issues with it. Since we have to authenticate
against several authentication mechanisms, we send the auth packet to a
radius server (Funk), who then passes is through to the proper mechanism
(LDAP, AD, proxy). Also, please note that this is how we
We do it with WiSMs. WPA (greatest compatibility), TKIP, MS-CHAPv2 with
native Windows/Mac supplicants for general users, and WPA2 for
higher-security specialty networks. We use AD as credential store, and
use ID Engines for supplicant configuration.
Here are the biggest hang-ups/issues I see
We're doing 802.1x with LWAPP. We have two controllers, 300 APs and
average around 1100 concurrent wireless users.
We just switched to 802.1x authentication last year, with great
success. Previously we ran a network with just WEP and MAC address
registration. Last summer we brought a new
Walt,
Good point about the EAP method.
Matt,
Because we have to authenticate several different users, we HAD to use
EAP-TTLS. This is probably where you will have to do most of your
research. In this case, there aren't really any wrong ways of doing
things. You just have to make an
I think the biggest challenge was (and still is to some extent) getting
people to use it and not user our Guest access or PDA access. We don't
require guests configure 1x and not all PDA's can even do 1x. As a
result, sometimes people use the network we provide for that instead of
using the 1x
/
From: The EDUCAUSE Wireless Issues Constituent Group Listserv on behalf of
Peter P Morrissey
Sent: Thu 7/24/2008 4:38 PM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Cisco WLAN 4400 Controllers and 802.1x
I think the biggest challenge was (and still is to some
University
Visit us online at www.fairmontstate.edu
From: The EDUCAUSE Wireless Issues Constituent Group Listserv on
behalf of Peter P Morrissey
Sent: Thu 7/24/2008 4:38 PM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Cisco WLAN 4400 Controllers and 802.1x
I think the biggest
://fsmail.fairmontstate.edu/exchweb/bin/redir.asp?URL=http://www.fairmontstate.edu/
From: The EDUCAUSE Wireless Issues Constituent Group Listserv on behalf of Walt
Howd
Sent: Thu 7/24/2008 5:58 PM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Cisco WLAN 4400
/redir.asp?URL=http://www.fairmontstate.edu/
From: The EDUCAUSE Wireless Issues Constituent Group Listserv on
behalf of Walt Howd
Sent: Thu 7/24/2008 5:58 PM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Cisco WLAN 4400 Controllers and 802.1x
Of Jenkins, Matthew
Sent: Thursday, July 24, 2008 5:37 PM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Cisco WLAN 4400 Controllers and 802.1x
Thanks everyone for your quick responses! As far as the EAP method goes, we
will primarily be using MS AD to authenticate. I figured we
10 matches
Mail list logo