-
October 16th, 2002, 03:56 PM
#1
Continuing on 802.11.....
ok....after the last post...and having no one answer me, I figured I would try again.
The preferred method of securing 802.11 networks in a corporate environment is via EAP. Different companies implement it differently... Cisco using LEAP, M$ using PEAP....
I am looking into using EAP/TLS(SSL) via a RADIUS server to auth users into a wireless lan. Has anyone done this with a non-commercial package... (i.e. FreeRADIUS or other GNU/GPL software) if so, what platform is it running on, what was the setup like ?
Antionline in a nutshell
\"You\'re putting the fate of the world in the hands of a bunch of idiots I wouldn\'t trust with a potato gun\"
Trust your Technolust
-
October 25th, 2002, 01:13 PM
#2
BUMP !
i certainly am looking for other Ideas.. and certainly am interested in others experiences/comments..
Cheers
"Consumer technology now exceeds the average persons ability to comprehend how to use it..give up hope of them being able to understand how it works." - Me http://www.cybercrypt.co.nr
-
October 25th, 2002, 04:19 PM
#3
I don't know that I entirely agree with you on that. Per Gartner more large companies are using a VPN inside their WLAN. We decided to go that route also and are very pleased with the results. I know this doesn't answer your direct question but will hopefully add some insight to securing WLAN.
Work... Some days it's just not worth chewing through the restraints...
-
October 25th, 2002, 05:12 PM
#4
Well, i designed wireless net for a bank and i used a tacacs++ serv + hardware encryption modules. The tacacs setrv was simply running on a nt4 box (which suked but that is all they would give me) i know that there are several free raduis package out there specially *nix. I'd recommand using a sun station for the load can get pretty hefty on the box for the aaa.
also i did not use 802.11 compatible equip since at that time the wep was not available.
Hope that helps
assembly.... digital dna ?
-
October 25th, 2002, 05:33 PM
#5
Originally posted here by mmelby
I don't know that I entirely agree with you on that. Per Gartner more large companies are using a VPN inside their WLAN. We decided to go that route also and are very pleased with the results. I know this doesn't answer your direct question but will hopefully add some insight to securing WLAN.
I am sure they are, but not everyone has those monetary resources available to them. I am fully aware on methods of securing, but I don't have the funding for high end VPN equipment merely for a WLAN. I could use PPTP and IPSEC or some other combination for the poor mans VPN but, What I was looking at was the next best thing. i.e. radius for auth(EAP/TLS(TTLS if its ever past draft stage)) and a backend dbase using a dynamic, randomly generated wep key program, with mac filtering.
Antionline in a nutshell
\"You\'re putting the fate of the world in the hands of a bunch of idiots I wouldn\'t trust with a potato gun\"
Trust your Technolust
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|