+ Post New Thread
Results 1 to 6 of 6
Wireless Networks Thread, 802.1x-Radius Wireless Authentication in Technical; We have recently invested in a Cisco Wireless Lan Controller and 30 Cisco 1252b/g/n access points. Currently we use a ...
  1. #1

    Join Date
    Sep 2008
    Posts
    102
    Thank Post
    4
    Thanked 20 Times in 13 Posts
    Rep Power
    22

    802.1x-Radius Wireless Authentication

    We have recently invested in a Cisco Wireless Lan Controller and 30 Cisco 1252b/g/n access points.

    Currently we use a WPA(2)-PSK TKIP setup which is a bit of a pain with almost 300 laptops. So I am thinking that it would be wise to explore using 802.1x and Radius to make it easier and in theory more secure.

    We have 2008 DC's and wondered if anyone had experience of doing this themselves or have a guide that they stumbled across? I have seen one relating to server 2003 on the forum so wondered if anyone has followed this in server 2008?

    Any help or pointers greatly appreciated as this is all new territory to me.

  2. #2
    steve's Avatar
    Join Date
    Oct 2005
    Location
    West Yorkshire
    Posts
    1,043
    Thank Post
    22
    Thanked 177 Times in 123 Posts
    Rep Power
    51
    We use the WLC with the Cisco radius software. Works pretty well.

    Should be similar on a windows radius box.

    As you can set up multiple SSIDs on the Cisco kit, try creating one using radius as a test, can't hurt :-)

  3. #3

    Join Date
    Feb 2008
    Posts
    270
    Thank Post
    14
    Thanked 44 Times in 35 Posts
    Rep Power
    22
    Ive done this using the autonomous Cisco APs rather than with a controller and Windows IAS / Radius on our domain controllers using certificates. Works well apart from when a laptops system clock goes miles off skew for some reason and invalidates the certificate!

    I used the Microsoft documentation for Protected EAP but this was all written for Server 2003.

  4. #4

    powdarrmonkey's Avatar
    Join Date
    Feb 2008
    Location
    Alcester, Warwickshire
    Posts
    4,859
    Thank Post
    412
    Thanked 777 Times in 650 Posts
    Rep Power
    182

  5. #5

    Join Date
    May 2009
    Posts
    1
    Thank Post
    1
    Thanked 0 Times in 0 Posts
    Rep Power
    0
    I did some internal testing of this solution.
    Testing setup was 2008 domain with Netgear AP. Clients was windows XP /Windows 7

    Windows XP had a large limitation that the network can authenticate against the domain computer account, but if you want to have user authentication as well, the re-authentication from computer to user happens during the logon process. This breaks roaming user profiles + scripts as the network connection is lost then reconnected. I believe Vista has this same limitation. A Microsoft page said this was by design and not going to be resolved. (lost the link i'm afraid)
    Windows 7 resolves this issue by re authenticating before the normal login process starts, and works well, however as we are not ready to roll out win7 my testing stopped at that point.


    The IAS logs are a bit of a mare to follow, but goggling for ias log viewer brings up some shareware software that gives an reasonable hint to the issue in english. It crashes on exit of the program but doesn't seem to do any harm other than that.

  6. #6

    plexer's Avatar
    Join Date
    Dec 2005
    Location
    Norfolk
    Posts
    13,342
    Thank Post
    624
    Thanked 1,584 Times in 1,421 Posts
    Rep Power
    414
    Troubleshooting it with IAS was another reason why I use Elektron radius server.

    Ben

SHARE:
+ Post New Thread

Similar Threads

  1. 802.11n Wireless Router....
    By Antp in forum Hardware
    Replies: 0
    Last Post: 11th December 2008, 06:53 PM
  2. Troubleshooting a RADIUS wireless lan
    By maniac in forum Wireless Networks
    Replies: 8
    Last Post: 23rd October 2008, 09:10 AM
  3. Wireless and RADIUS
    By jamin100 in forum Wireless Networks
    Replies: 8
    Last Post: 22nd July 2008, 10:50 PM
  4. Wireless 802.1x RADIUS authentication using IAS server
    By spc-rocket in forum Wireless Networks
    Replies: 0
    Last Post: 3rd January 2008, 06:15 PM
  5. Wireless - WPA/802.1x
    By wesleyw in forum Hardware
    Replies: 2
    Last Post: 4th October 2007, 09:34 AM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •