Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
Community Member

Wireless Security?


we have an implementation of Wlan distributed throughout several plant's, where there security implemented is:

1. SSID Hidden

2. 128 Fixed WEP Key

3. Cisco ACS with registration of MacAddress's

And we are then doing authentication based on Mac-Address.

We know that this is really a not safe solution, but what you would recommend, considering that we are Running Microsoft Active Directory, but avoiding the use of Certificates.

Thanks for any recomendation,

Best Regards,

Jorge Sousa


Re: Wireless Security?

well you could do LEAP. You get AD authentication, can do WPA instead of WEP, and there is no need for a certificate.

HTH, Steve ------------------------------------------------------------------------------------------------ Please remember to rate useful posts, and mark questions as answered

Re: Wireless Security?

This will have to be driven by your clients and what they support. I have been focusing on WPA2/PEAP lately, for broad client support. PEAP uses a certificate, but only for the ACS server. If your clients support it you could do EAP-FAST, but some clients do not support it.

If you post more info about your client base (OS and hardware) we could probably give more specific reponses.


Please remember to rate all helpful posts.

Community Member

Re: Wireless Security?

My clients are basically Windows XP (sp1 and sp2), still some Windows 95, and some Intermec Scanners.


Re: Wireless Security?

If you dont want use certificates EAP-FAST is best , fast and secure solution - its 802.1X EAP type authentication without using CA

check following Q&A

ACS setting for EAP-FAST

EAP-FAST Deployment Guide (PDF)


Hope that helps rate if it does

CreatePlease to create content