Buy or Renew
Buy or Renew
Cisco Virtual Engineer generative AI bot now active in Wireless Discussion Forum. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
518
Views
0
Helpful
6
Replies

I need a how to on Security in WLC for the users

william.hostetler
Level 1
Level 1

‎05-28-2010 11:33 AM - edited ‎07-03-2021 06:50 PM

OK, I need to actually make my unsecured wireless network secure. Where do I even begin? What I would love to happen is that it is invisible to the user but with about 1000 laptops we don't have time to do mac addresses etc. I have heard that what is wanted in our environment is WPA with at least 128 bit encrypt. To tell you the truth I've been running wireless wide open in our school buildings for a couple years now. With 4500 built in "hackers" on the wired network I cant' imagine what locking down the wireless will help with unless someone can reach it in the parking lot.

thanks for any help

Gary

Labels:
0 Helpful
6 Replies 6

George Stefanick
VIP Alumni
VIP Alumni

‎05-28-2010 04:09 PM

Will,

It all comes down to what security you want to deploy. I assume you mean WEP with 128? Security also means management.

Are the wireless devices owned by your school or are they guest devices?

How secure do you want to go? Have you considered EAP?

You could deploy a suplicant on each device to roll out your deployment ...

"Satisfaction does not come from knowing the solution, it comes from knowing why." - Rosalind Franklin
___________________________________________________________
0 Helpful

william.hostetler
Level 1
Level 1
In response to George Stefanick

‎05-28-2010 05:09 PM

We own the laptops. I would rather no one could get in at all. Is there a way to push out some kind of key with group policy? I would also like ldap authentication so they have to use our network username and password etc.

thanks

Gary (my login is william because cisco mucked up somehow my other account)

0 Helpful

George Stefanick
VIP Alumni
VIP Alumni
In response to william.hostetler

‎05-28-2010 05:38 PM

Do you use windows zero config or a supplicant like Intel? If so push out a policy for PEAP. You can tie the WLAN  to LDAP for authenication.

"Satisfaction does not come from knowing the solution, it comes from knowing why." - Rosalind Franklin
___________________________________________________________
0 Helpful

william.hostetler
Level 1
Level 1
In response to George Stefanick

‎05-28-2010 05:44 PM

We try to maintain zero config. Once the laptop is set to our wireless it always connects back to it no matter who uses the laptop. Of course that is with no security on it. Of course I need a step by step to get it done and was hoping somewhere there was a how to.

Gary

0 Helpful

Leo Laohoo
Hall of Fame
Hall of Fame

‎05-28-2010 05:52 PM

1.  Disable "Broadcast SSID";
2.  Use WPA2/AES so you'll be ready to use 802.11n;
3.  Network Admission Controll (NAC); and
4.  RADIUS/TACACS

0 Helpful

william.hostetler
Level 1
Level 1
In response to Leo Laohoo

‎05-28-2010 05:58 PM

1-2 are on the WLC, where do I find NAC and Radius-is that part of the AAA?

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card