+ Post New Thread
Results 1 to 9 of 9
Wireless Networks Thread, to Radius or not to Radius...that is the question in Technical; hey ppl, I'm having quite a few problems with Meru working with a radius 2008 sever. Mainly slow authentication and ...
  1. #1
    techie211's Avatar
    Join Date
    Feb 2009
    Posts
    122
    Thank Post
    24
    Thanked 1 Time in 1 Post
    Rep Power
    0

    to Radius or not to Radius...that is the question

    hey ppl, I'm having quite a few problems with Meru working with a radius 2008 sever. Mainly slow authentication and drive mappings not showing up. I guess my question is, do I even need a radius server for security or otherwise to work with my Meru wireless? does having a radius server 'slow' things down like authentication? I would like to hear from users who have radius setup with Meru or any other wireless network for that matter. The pro's and con's of why a radius sever or why not. any help on this is greatly appreciated. Hopefully I can put this whole radius mystery to rest

    -Jr

  2. #2

    Michael's Avatar
    Join Date
    Dec 2005
    Location
    Birmingham
    Posts
    9,241
    Thank Post
    239
    Thanked 1,567 Times in 1,249 Posts
    Rep Power
    339
    The main advantage of a RADIUS setup, is this allows you to control who has access to your network, but also allows you to monitor usage.

    Without RADIUS you can only encrypt a wireless network, which to be honest is good enough most schools. Monitoring if required can be performed at the proxy or firewall level.

  3. Thanks to Michael from:

    techie211 (31st July 2012)

  4. #3

    matt40k's Avatar
    Join Date
    Jun 2008
    Location
    Ipswich
    Posts
    4,342
    Thank Post
    367
    Thanked 624 Times in 509 Posts
    Rep Power
    156
    Personally we found 802.1x (radius) to be faster then WEP\WPA, always used to have profile\logon timeouts before we moved over. Never used Meru however.

  5. Thanks to matt40k from:

    techie211 (31st July 2012)

  6. #4
    techie211's Avatar
    Join Date
    Feb 2009
    Posts
    122
    Thank Post
    24
    Thanked 1 Time in 1 Post
    Rep Power
    0
    thanks for the replys. I just don't feel comfortable the way our radius is setup. We're running 3 different CA's and I was told that's the only way the radius server will work with our wireless. Maybe that's true but I don't see why.??? I would like to keep using radius. Does anyone have a written up doc that show's step by step how to setup radius to work with wireless whether it be Meru or another vendor?

  7. #5

    Join Date
    Jul 2006
    Location
    London
    Posts
    1,241
    Thank Post
    110
    Thanked 242 Times in 193 Posts
    Blog Entries
    1
    Rep Power
    74
    Hmm. A three CA (Offline Root, Sub and Issuing) is the 'correct' way to build any enterprise CA, along with an operational policy that aligns to best practice with separate administrators for each one... so unless you are a large org with a large team, or you are using your PKI to sign important documents/code for internal auditing or you are a masochist, that level of PKI is probably overkill. However I'm still using WPA2, so what do I know? We will be going for 802.1x shortly and the design doc proposed only one CA, as I'm getting a 3rd party to do the work I don't have any more detail to give though.

    Unless you've got your PKI and DNS configurations slightly botched I can't imagine that RADIUS is the root cause of the symptoms you describe. I would look more urgently at the SD version and patching up your clients to have latest tcpip.sys, dhcpcore.dll etc. Then see where you are.

    Hope this helps.

  8. Thanks to psydii from:

    techie211 (1st August 2012)

  9. #6

    Join Date
    Jan 2012
    Posts
    170
    Thank Post
    8
    Thanked 16 Times in 15 Posts
    Rep Power
    37
    Quote Originally Posted by techie211 View Post
    hey ppl, I'm having quite a few problems with Meru working with a radius 2008 sever. Mainly slow authentication and drive mappings not showing up. I guess my question is, do I even need a radius server for security or otherwise to work with my Meru wireless? does having a radius server 'slow' things down like authentication? I would like to hear from users who have radius setup with Meru or any other wireless network for that matter. The pro's and con's of why a radius sever or why not. any help on this is greatly appreciated. Hopefully I can put this whole radius mystery to rest

    -Jr
    the big advantage of radius is in being able to leverage your existing identity infrastructure (AD via a radius server like NPS), the alternative is to use a local database of users stored on your controller which is less than ideal because wherever possible you want to use the security groupings you've created in AD to decide who, what and when get's access. Add to that the ability to then utilise GPO's to assign these security profiles, and all in all it's a far more robust solution than local user databases or on PSK's - which is the most simple level, but has many pitfalls.

  10. Thanks to alttab from:

    techie211 (1st August 2012)

  11. #7

    Join Date
    Jan 2009
    Location
    Cambridge
    Posts
    82
    Thank Post
    3
    Thanked 11 Times in 10 Posts
    Rep Power
    33
    Hi techie211
    Please feel free to mail me directly, and we can put you in touch with Meru engineers who will be able to help you. We'll have a significant volume of customers running Meru with radius with no issues, so I am sure we can help
    mhowell@merunetworks.com Mark Howell
    Many thanks
    Mark

  12. #8
    techie211's Avatar
    Join Date
    Feb 2009
    Posts
    122
    Thank Post
    24
    Thanked 1 Time in 1 Post
    Rep Power
    0
    thanks for all the replies. Also, does the NPS need to be a DC or just a member server?

  13. #9

    Join Date
    Dec 2011
    Posts
    404
    Thank Post
    368
    Thanked 45 Times in 33 Posts
    Rep Power
    13
    Quote Originally Posted by techie211 View Post
    thanks for all the replies. Also, does the NPS need to be a DC or just a member server?
    Can be either way, I have it running on a Hyper-V member server at the moment.

SHARE:
+ Post New Thread

Similar Threads

  1. RM OR NOT TOO RM THAT IS THE QUESTION
    By ChrisLinaker in forum Network and Classroom Management
    Replies: 15
    Last Post: 12th September 2012, 06:38 PM
  2. To RM or not to RM, that is the question...
    By Little-Miss in forum Network and Classroom Management
    Replies: 137
    Last Post: 9th December 2009, 04:13 PM
  3. To Go Or Not To Go - That Is My Dilema
    By mattx in forum General Chat
    Replies: 51
    Last Post: 19th February 2008, 10:32 PM
  4. To VOIP or not to VOIP, that is the question
    By localzuk in forum Wireless Networks
    Replies: 10
    Last Post: 11th December 2006, 10:16 AM
  5. Replies: 15
    Last Post: 15th September 2006, 09:01 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •