08-05-2006 12:44 PM - edited 07-04-2021 12:48 PM
We are getting ready to install 4 aironet 1200 AP's into an office that will only be used by 5 people with T43 Thinkpads (Intel 2200 built-in card).
What is the best method to secure the connection and prevent the outside world from accessing our internal network?
I don't feel WEP/WPA encryption is enough -- Would be interested in using the built in security that comes with the Aironet and not an external security server, yet.
Any info or push in the right direction is greatly appreciated.
Thanks
08-05-2006 02:03 PM
You could pretty easily use the "local" RADIUS built-in to the AP firmware and implement LEAP or EAP-FAST.
Both are pretty easy to set up, the AP can handle that small load without any real performance issues, and the Intel client software supports it (you'll want to make sure all the client software and drivers are the most recent, there were some issues in the past).
Both LEAP and EAP-FASt will support seamless roaming, You'd set one of the APs up for WDS and the others to point to it.
Admin (add/change/delete users) via the Web GUI is also pretty straight forward.
Good Luck
Scott
08-07-2006 02:57 PM
Thanks buddy! Any configuration guides you can think of that would get me started with EAP-FAST and the local radius? I found a configuration guide from cisco but it requires an ACS server
08-08-2006 08:03 AM
Your best bet (probably) would be to use the Web GUI. Just aim your browser at the AP's address.
The Local RADIUS server is set up in the "Security" link. The only trick there is to make sure you use *exactly* the same key (spaces are significant) when you set up the other APs.
The online help offered (icon in the upper right of the WebGUI) is likely all you'll need.
If not, let us know.
Good Luck
Scott
08-15-2006 07:20 PM
I configured the 1200 for EAP-Fast with Open WEP encryption. I also installed the latest Intel software and drivers.
At first, it wouldn't connect at all.
Then I disabled "Cisco Extensions" on the 1200. After this I could get the PAC provisioned and the built-in radius log shows "successful provisions". But it doesn't show anything about successful username/passwords.
Seems like it's getting held up passing the authentication credentials somewhere.
Any suggestions? Unfortunately all of the thinkpads have the Intel cards.
Thanks!
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide