Warning message

  • Cisco Support Forums is in Read Only mode while the site is being migrated.
  • Cisco Support Forums is in Read Only mode while the site is being migrated.

Wireless Security?

Unanswered Question
Oct 24th, 2006
User Badges:


we have an implementation of Wlan distributed throughout several plant's, where there security implemented is:

1. SSID Hidden

2. 128 Fixed WEP Key

3. Cisco ACS with registration of MacAddress's

And we are then doing authentication based on Mac-Address.

We know that this is really a not safe solution, but what you would recommend, considering that we are Running Microsoft Active Directory, but avoiding the use of Certificates.

Thanks for any recomendation,

Best Regards,

Jorge Sousa

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 3 (1 ratings)
Stephen Rodriguez Tue, 10/24/2006 - 09:21
User Badges:
  • Purple, 4500 points or more

well you could do LEAP. You get AD authentication, can do WPA instead of WEP, and there is no need for a certificate.

ethiel Tue, 10/24/2006 - 09:34
User Badges:
  • Gold, 750 points or more

This will have to be driven by your clients and what they support. I have been focusing on WPA2/PEAP lately, for broad client support. PEAP uses a certificate, but only for the ACS server. If your clients support it you could do EAP-FAST, but some clients do not support it.

If you post more info about your client base (OS and hardware) we could probably give more specific reponses.


Please remember to rate all helpful posts.

jorge.s Tue, 11/07/2006 - 15:28
User Badges:

My clients are basically Windows XP (sp1 and sp2), still some Windows 95, and some Intermec Scanners.

m.sir Wed, 11/08/2006 - 00:13
User Badges:
  • Gold, 750 points or more

If you dont want use certificates EAP-FAST is best , fast and secure solution - its 802.1X EAP type authentication without using CA

check following Q&A


ACS setting for EAP-FAST


EAP-FAST Deployment Guide (PDF)



Hope that helps rate if it does


This Discussion



Trending Topics: Other Wireless Mobility

client could not be authenticated
Network Analysis Module (NAM) Products
Cisco 6500 nam
reason 440 driver failure
Cisco password cracker
Cisco Wireless mode