I have a setup including a WISM and WCS which currently only runs a guest service using webauth to get online. The service (by request) is not secured over the air. I would like to implement a second SSID with security but before going the whole way with 802.1x I wanted to implement a half way house. Service will still only be a guest service but I want the air traffic secured.
So I guess my options are WEP (forget it) or WPA/WPA2.
My question is do I have to run this service with a shared secret that I then need to inform all users of in order for them to be able to connect to the service or is there a way to implement a WPA service that uses some kind of credential check against the already configured RADIUS (ACS) servers?
And if this is possible I assume there is no longer need for a webauth as this just seems to duplicate the login process.
Thanks for any pointers in advance