Authentication on a Wireless Network

Unanswered Question
Aug 18th, 2010

Hi all,

I have 2 standalone networks to be deployed in a hotel area on ground and 20th floor. We have a 5M internet link provided by the ISP for the users. I will be usingAIR-WLC4402-12-K9 with AIR-LAP1142N-N-K9 for providing wireless connectivity.

I need to provide some kind of authentication for the users at the site.

1) Can we have a common shared key for user authentication? Like WPA1 or WPA2? How will the keys be generated and how will the WLCs authorize the generated keys? can it act like a local ACS server?

My understanding is User tries to associate with a SSID---> WLC asks for a key--> User enters the password (common to all)-->Key is generated --> User gets IP to connect to the network

Please let me know if my understanding is correct

As It is not possible to give username and pwds to all the users, I  would like to know how this authentication is best implemented?

Appreciate your help!!

Cheers

Navneet

/* Style Definitions */ table.MsoNormalTable {mso-style-name:"Table Normal"; mso-tstyle-rowband-size:0; mso-tstyle-colband-size:0; mso-style-noshow:yes; mso-style-priority:99; mso-style-qformat:yes; mso-style-parent:""; mso-padding-alt:0in 5.4pt 0in 5.4pt; mso-para-margin:0in; mso-para-margin-bottom:.0001pt; mso-pagination:widow-orphan; font-size:11.0pt; font-family:"Calibri","sans-serif"; mso-ascii-font-family:Calibri; mso-ascii-theme-font:minor-latin; mso-fareast-font-family:"Times New Roman"; mso-fareast-theme-font:minor-fareast; mso-hansi-font-family:Calibri; mso-hansi-theme-font:minor-latin; mso-bidi-font-family:"Times New Roman"; mso-bidi-theme-font:minor-bidi;}

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Rollin Kibbe Wed, 08/18/2010 - 07:03

Navneet:

The title of your post cites authentication, yet WPA keys have nothing to do with authentication, they have to do with encryption and key management.

In most public places like what you're describing where there's a wireless LAN controller, web authentication is used.  Guest accounts can be created (that expire or don't expire) and guest users log into a page with the guest user account name and password.  The authentication can be done on the controller or it can go to an external authentication server.  There's a great doc about it:

Wireless LAN Controller Web Authentication Configuration Example

http://tools.cisco.com/squish/Be171

Sincerely,

Rollin Kibbe

Network Management Systems Team

Actions

This Discussion

 

 

Trending Topics - Security & Network