Hi all
I have a Cisco 871W router and would like to setup a secure wireless access point for the local office. Did some reading on wireless security and sort of come down with a couple of methods to do it but would like to hear your feeback on it.
1. Connect the 871W to the office LAN. The wireless security I'm thinking of is WAP-PSK Preshare. Once connected, the user will have to carry out SSL WebVPN authentication to gain access to the internal network. This 2nd layer of authentication would probably be using RADIUS authentication. I've got RADIUS working for Cisco VPN Client on a PIX 515 already so I don't think it should be that difficult with setting up RADIUS for the 871W router.
Alternatively I can:
2. Configure 802.1X authentication on the router. Wireless clients will have to turn on 802.1X to be able to connect to the corporate internal network. I can see some stumbling block in using this methods like:
- I do not have a certificate server hence it'll be a pain getting the clients to authenticate via 802.1X
- It'll be difficult to implement different level of access using 802.1X. For instance visiting guest would have access to nothing but the internal proxy server for surfing the Internet. All domain users will have full access to internal network.
Thanks in advance for your reply and if you know of any links that would point me in the right direction, it would be greatly appreciated.