Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

What's the best way to secure 802.11x

hello,

I'm a rf network specialist located in Canada and we experience an explosion for WLAN. the biggest concern for the customer is the secutity. Everbody know the problem with the WEP since berkeley crack it.

I was very surprise to don't find this subject on some discution in the security forum.

Now we have a lot of project to secure wireless lan and we read a lot on the subject, but from my point of view there's no perfect solution.

If i use LEAP,radius or ACS my speed will be affected.

What's happen if i use VPN ???, i don't know much this technology, as i said i'm a RF guay who need your help.

Many thanks

Danyel

3 REPLIES
New Member

Re: What's the best way to secure 802.11x

Take a look at this http://www.cisco.com/warp/public/cc/pd/witc/ao350ap/prodlit/1281_pp.htm

You should also look in the Wireless Security forum www.cisco.com/discuss/wireless for more discussions on this topic.

New Member

Re: What's the best way to secure 802.11x

The only way to secure wireless is to place the pods outside your firewall or set the up in a DMZ. Have clients connect via VPN. Using LEAP/RADIUS/ACS will place alot of over head. We use this configuration and I have less than a 3% load on my 3005 w/ 20 client accessing.

Get a copy of Airsnort (free) run it on a linux laptop w/ a dlink wireless card, set up a test pod and see how long it takes to gain id's and passwords, most likely less than 3 minutes. Then try the same test with the above config, good luck cracking it.

New Member

Re: What's the best way to secure 802.11x

FYI - that's what we use as well - CVPN over wireless attached to the outside DMZ. Seems to work fine.

236
Views
0
Helpful
3
Replies