Configuring Aeroport 1200 for RSA and certificates?

Unanswered Question


I'm working with a customer that uses RSA SecurID to authenticate users to the Aeroport 1200 Wireless Access Points. 

They're evaluating certificates as an alternative to RSA, and have two questions:

1. Do the Aeroport 1200 Access Points support certificate based authentication?

2. If so, can they be configured to allow both certificates and RSA at the same time?

Relative to #2, they want a test group to authenticate with certificates without impacting the remainder of the company using RSA.

Thanks, Myles

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Federico Ziliotto Tue, 10/12/2010 - 11:17

Hi Myles,

If authentication is done through RSA, I would assume that you are using a AAA/Radius server.

If the assumption is correct, it will then be the Radius server that will authenticate users through certificates, not the AP.

As long as the AP talks to the Radius server and the Radius server supports EAP methods based on certificates (such as EAP-TLS, PEAP EAP-TLS, etc.), this should be feasible.

1200 series APs can be configured with a local Radius server, but in this mode they are only supporting LEAP, EAP-FAST and MAC authentication.

Certificate based EAP methods should be configured on the Radius server.

Hope I understood your setup correctly and hope this helps.




This Discussion



Trending Topics - Security & Network