PEAP + Dell WNics + ACS + NDS/eDir -- Can it work?

Unanswered Question
Dec 11th, 2003
User Badges:


PEAP + Dell WNics + ACS + NDS/eDir + Novell Cert Server -- Can it work?



I am supposed to do a global WLAN rollout next year and would like to use PEAP, but we are a Novell shop and use the Novell Client. Should I attempt to go down this road, or take the easy way out by making the clients VPN back in?


Thanks!


Tim



  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
ED CARMODY Mon, 12/15/2003 - 12:37
User Badges:

The MS peap supplicant only works with MS or ODBC databases.


To auth against NDS, you'll have to use either Cisco's supplicant, or third-party supplicant.

baileja Mon, 12/22/2003 - 11:29
User Badges:

Yes it can work if you have the correct Dell. There are two types of EAP. One by microsoft that comes with XP SP1 and downloadable client for 2000 etc. The other is Cisco's version that uses the aironet client utility. Microsofts version does not authenticate against any user database except those that support MSCHAP (microsoft only). Cisco's supports MSCHAP and many others to include NDS and Generic LDAP. You must use Ciscos for this to be possible. In order to use Cisco's you must either have an aironet client card or have hardware that has the "Cisco Compatible Extensions (CCX) builtin. Many vendors are jumping on the CCX roadmap and these extensions are being builtin to many laptops with builtin wireless NICs. If you have the right hardware, just download the aironet client utility from cisco website and configure it as if you had a cisco nic installed. The following Link has a list of the models that have CCX. Dell is one of them, just check your model along with what they have listed. Hope this helps.


http://www.cisco.com/en/US/partner/partners/pr46/pr147/partners_pgm_partners_0900aecd800a7907.html

b.tay Fri, 12/26/2003 - 07:56
User Badges:

my opinion is 802.1x PEAP is only good for securing your wireless infrastructure.


however, for users in global remote locations, i would still prefer to use VPN.


VPN-Central Access Control and end-to-end encryption

802.1x-Securing the wireless infrastructure

FW-Segregating the wireless and wired segment

Anti-Virus/PFW&Patch Management-Security the Desktop

IDS/IPS-Securing the servers


what do you think ?

tproeber Sun, 12/28/2003 - 16:41
User Badges:


Yes, I am giving up on PEAP. I am going require the VPN client, and make it all pretty with the BBSM HotSpot.


Tim


Actions

This Discussion

 

 

Trending Topics - Security & Network