Michael, We here at Georgia State University initially used the Microsoft Radius server for the same reason the price is right. However, we found it to be fairly unreliable, it was not very flexible, logging was not adequate, and it had quite a few bugs. (Most of which may be fixed by now, haven't really looked in the last two years.) We took a look at several other solutions, and finally went with the Cisco Secure Server which is Cisco's enterprise TACACS/Radius server and backended it with a Novell E-directory/LDAP interface. This gave us a lot of flexibility to use it for Router/Switch authentication, as well as we use it for Cisco secure authentication, Cisco VPN servers, Cisco Dial-UP servers, Bluesocket Wireless Authentication, and Cisco BBSM authentication for our Housing complex. We also have tested it with 802.1x LEAP and PEAP with good test results, but we have not deployed this yet. In general though we have been quite happy with this solution so far, but we are a little concerned with whether we will be able to scale it for many more applications, without using separate servers. This is due to the complexity of layering authentication attributes. Overall performance and reliability have been very good, even with a large backend database of users.>>> [EMAIL PROTECTED] Thursday, February 19, 2004 >>> I'm using Radius, but not IAS with access points.
-----Original Message----- From: 802.11 wireless issues listserv [mailto:[EMAIL PROTECTED] On Behalf Of Martin Jr., D. Michael Sent: Thursday, February 19, 2004 1:09 PM To: [EMAIL PROTECTED] Subject: [WIRELESS-LAN] RADIUS authentication Is anyone out there using Microsoft Internet Authentication Service (IAS) for RADIUS authentication with their wireless access points? (We use Cisco 802.11b/g radios...Aironet 340s, 350s, 1100s) IAS is free and included with Microsoft Windows 2000 Server and we have needed to get into using RADIUS authentication with our wireless implementation. Using PEAP, EAP, etc.. and 802.1x is not out of the question (at least long term) but I have many applications were MAC authentication is the only recourse (wireless printers, bridges, etc...). Any advice (or help) would be greatly appreciated. Thanks, D. Michael Martin, Jr. Network Administrator University of Montevallo ********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/cg/. ********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/cg/. ********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/cg/. ********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/cg/.
