Re: 802.1x RADIUS Deployment in Wireless LAN

[Jimi Thompson <jimit () myrealbox com>]

We set up a similiar arrangement using FreeRadius, DialUp Admin, and a 
gateway device.  Our solution cost us about $700.  It did take about a 
week of tinkering, but we are using our now 4 year old 802.11b Enterasys 
access points that don't support 801.1X.  The traffic itself isn't 
encrypted, but it does force authentication in order to use the network. 

Our wireless network is largely for use by students, so your mileage may 
vary greatly.

HTH,

Jimi



Eric Hagen wrote:

> Well, I can relay a bit of experience using Cisco's "Secure Access 
> Control" platform.  You need version 3.2 to properly support the EAP 
> that is required for authentication over 802.1x.  It's a Windows 
> package, but I it's not that inexpensive compared to the open-source 
> route.
>
> We used Cisco Aironet 1200 access points and got the WPA/TKIP 
> authentication to work.  That's a dynamic key system and has 100% of 
> it's authentication through the SAC server.
>
> We standardized on 3com client cards because they include strong 
> software support for WPA as well as the 802.11i draft standard with 
> AES encryption.  The Cisco client card was good too, but the range 
> wasn't as good for one reason or another.
>
> Difficulty?  Fortunately, we had a few experts on hand, so it wasn't 
> all that difficult at all.  Unfortunately, for those unfamiliar with 
> all of the technologies (including Cisco IOS) it would be very difficult.
>
> Also, I believe that the wireless card's drivers must support the WPA 
> authentication, since it uses a layer-2 encapsulation on the auth 
> packets (someone correct me if I'm wrong here).
>
> Eric
>
>
>
> --------------------------------------------------------------------------- 
>
> ---------------------------------------------------------------------------- 



---------------------------------------------------------------------------
----------------------------------------------------------------------------