Buy or Renew
Buy or Renew
Cisco Virtual Engineer generative AI bot now active in Wireless Discussion Forum. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
465
Views
0
Helpful
1
Replies

Dynamic session keys and EAP

dchia78
Level 1
Level 1

‎07-17-2002 06:29 PM - edited ‎07-04-2021 11:18 PM

I remember reading somewhere that 802.1x has dynamic session-based encryption keys. The article mentioned that the key will change when it roams to a new AP. This will have some impact on VPN users. Is this true?

I will like to implement on my wireless users that they use 802.1x to authenicate and power up their VPN to access the Intranet. If the above is true, how do I go about solving it?

Another question is, if my AP is cisco 1200, and some of the client cards are a mixture of cisco aironets and other brands, is it possible for the AP to authenticate the Aironet cards using LEAP, and the other brands using EAP?

Labels:
0 Helpful
1 Reply 1

jimmy.seah
Level 1
Level 1

‎07-18-2002 03:06 AM

802.1x provides for layer 2 security for your WLAN. Which in your case secure the sessions between your AP and it's client. Therefore I doubt that there'll be an issue running it together with VPN.

Cisco Aironet 1200 is compatible with legacy cards from Cisco. As for other brands, you'll need to do some testing, I've encounter some problem running it with SMC WLAN NIC but have no problem using it with Orinoco or lucent NIC.

LEAP only works with Cisco card, since it require the use of Cisco ACU. As for EAP, I'm still trying to get it to work using EAP-MD5. I remember reading something on implementing EAP-TLS from CCO.

Jim

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card