Securing wireless with certificates on clients

Unanswered Question
Jan 28th, 2009
User Badges:

I have a customer that wants to use certificates to authenticate clients on a wireless network.

I cant se how this is to be implemented :-)

Can someone here point me in the right direction ??


/PerB

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
c.fuller Tue, 02/03/2009 - 08:43
User Badges:

I would use PEAP user authentication. It only requires a server side SSL digital certificate so don't have to visit each client. It's secure and easy to manage. You install the certificate on your authentication server.


You normally have to renew the SSL certificate and reinstall annually though.


Chuck

rduke Wed, 02/04/2009 - 12:24
User Badges:

Hey guys,

FYI the server certficate used in PEAP is only protecting you from connecting to a fake wireless AP with the same SSID. All you have to do is uncheck the box "validate server certificate" to bypass any certificate checks so that may not be what you are looking for. You may want to look at TLS or PEAP with TLS. I have not used either, so I don't have any first hand experience with those, but they use client based certificates so that would authenticate your client with something beyond the usual user name and password. With PEAP only, all you need is a valid user name and password. You can use most any computer to connect if you do not validate the server cert on the client.


Randy

pbuch Wed, 02/04/2009 - 22:03
User Badges:

Thanks !

The idea is to have certs on all the clients. Usernames and passwords has to be simple in this implementation. PEAP with TLS sounds like the solution to test.


/PerB

Actions

This Discussion

 

 

Trending Topics: Other Wireless Mobility

client could not be authenticated
Network Analysis Module (NAM) Products
Cisco 6500 nam
reason 440 driver failure
Cisco password cracker
Cisco Wireless mode