Cisco LEAP


Nov 18, 2009 6:21 PM
Jun 22nd, 2009


Cisco LEAP is an 802.1X authentication type for Wireless LANs (WLANs) that supports strong mutual authentication between the client and a RADIUS server, with a logon password as the shared secret. It provides dynamic per-user, per-session encryption keys. LEAP is based on EAP, an extension to Point-to-Point Protocol (PPP).

When a LEAP solution is implemented, network administrators are advised to review the 802.11 Wireless LAN Security White Paper.

LEAP is only supported on client adapters that support WEP, and use either the PCM, LMC, or PCI cards with firmware version 4.13 or later, or mini PCI card firmware version 5.0 or later. To use LEAP, the client adapter and Cisco Access Point (AP) firmware must have matching IEEE 802.1x draft standards.

Special attention must be paid to the use of strong passwords. Cisco LEAP is a password-based algorithm. To minimize the possibility of a successful dictionary attack, use strong passwords, which are difficult to guess. Strong passwords are:

  • A minimum of ten characters   
  • A mixture of uppercase and lowercase letters   
  • Comprised of at least one numeric character or one non-alphanumeric character (example: !#@$%)   
  • No form of the user's name or user ID   
  • A word that is not found in the dictionary (domestic or foreign)   

For more information about Cisco LEAP, an EAP type, refer to Cisco LEAP.

For information on how to configure LEAP with a local Radius server read LEAP Authentication with Local RADIUS Server

For more information on Cisco Aironet WLAN Security, refer to Cisco Aironet Wireless LAN Security Overview.

Overall Rating: 0 (0 ratings)


Login or Register to take actions

This Document

Posted June 22, 2009 at 6:12 PM
Updated November 18, 2009 at 6:21 PM

Related Content


Documents Leaderboard

Rank Username Points
George Stefanick
Rajesh Premachandran
Carlos Baez

Trending Topics: Other Wireless Mobility

client could not be authenticated
Network Analysis Module (NAM) Products
Cisco 6500 nam
reason 440 driver failure
Cisco password cracker
Cisco Wireless mode