It's a little older, but this might have some value: http://www.networkcomputing.com/mobile/archives/mobile_archive_011106.html Generally, WPA2/AES with MS-CHAPv2/PEAPv0 will serve the broadest number of clients and work with the most back ends.
If you have your passwords stored in the clear in an LDAP directory, then having your EAP-compatible RADIUS server hit FreeRADIUS which hits the LDAP store may work. Frank -----Original Message----- From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:[email protected]] On Behalf Of David Blahut Sent: Wednesday, December 23, 2009 1:25 PM To: [email protected] Subject: [WIRELESS-LAN] Encryption and Authentication Greetings, We are beginning to deploy encrypted wireless and I am looking for some words of wisdom. Mainly what method you used and what reasons as to why you chose said method or any reason you wish you had not. We have looked at many of the different flavors of EAP but are unsure of any clear advantage of one over the other. We are a Cisco LWAPP shop with Cisco ACS playing the role of RADIUS with open LDAP in the back-end. Any advice would be helpful; any thing to look out for, any gotchas, any show stoppers, and any success stories. Thanks, David ********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
