Buy or Renew
Buy or Renew
Cisco Virtual Engineer generative AI bot now active in Wireless Discussion Forum. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
359
Views
0
Helpful
1
Replies

Configuring SSL WebVPN on Cisco 871W

vincent-n
Level 3
Level 3

‎11-02-2006 10:04 PM - edited ‎07-03-2021 01:11 PM

Hi all

I have a Cisco 871W router and would like to setup a secure wireless access point for the local office. Did some reading on wireless security and sort of come down with a couple of methods to do it but would like to hear your feeback on it.

1. Connect the 871W to the office LAN. The wireless security I'm thinking of is WAP-PSK Preshare. Once connected, the user will have to carry out SSL WebVPN authentication to gain access to the internal network. This 2nd layer of authentication would probably be using RADIUS authentication. I've got RADIUS working for Cisco VPN Client on a PIX 515 already so I don't think it should be that difficult with setting up RADIUS for the 871W router.

Alternatively I can:

2. Configure 802.1X authentication on the router. Wireless clients will have to turn on 802.1X to be able to connect to the corporate internal network. I can see some stumbling block in using this methods like:

- I do not have a certificate server hence it'll be a pain getting the clients to authenticate via 802.1X

- It'll be difficult to implement different level of access using 802.1X. For instance visiting guest would have access to nothing but the internal proxy server for surfing the Internet. All domain users will have full access to internal network.

Thanks in advance for your reply and if you know of any links that would point me in the right direction, it would be greatly appreciated.

Labels:
0 Helpful
1 Reply 1

pradeepde
Level 5
Level 5

‎11-08-2006 12:51 PM

SSL uses digital certificates for authentication. The VPN Concentrator creates a self-signed SSL server certificate when it boots; or you can install in the VPN Concentrator an SSL certificate that has been issued in a PKI context. For HTTPS, this certificate must then be installed in the client. You need to install the certificate from a given VPN Concentrator only once.

For information on installing the SSL digital certificate in your browser and connecting via HTTPS, in the VPN 3000 Series Concentrator refer to

http://www.cisco.com/en/US/products/hw/vpndevc/ps2284/products_configuration_guide_chapter09186a00803ee1b2.html

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card