I have 6 Aironet 350 Access Points and bought some 350 Aironet PCMCIA adapter for users. All APs are connected back to a ACS. Authentication is using LEAP with connecting to Windows NT domain controller as the RADIUS from the ACS. By this way, I only can use Cisco client PCMCIA adapter.
Now customers want it to be open and can buy any types of Wireless LAN PCMCIA adapter from other vendors such as Proxym, Linksys and 3COM. The customers PC are mixed of Windows XP, 2000, 98 and even some Windows 95.
1. What is the best choice of EAP protocol to use to enable me to make the network safe but can use other brands of PCMCIA adapter. Certainly LEAP is out of choice. While EAP-TLS requires me to buy certificates. So I'm narrowing to PEAP. Is it a right choice? Any advice?
2. If I decided to use PEAP, it only works with Windows XP clients. or can I run it concurrently with LEAP? so my clients with non-XP client will be supplied with Cisco adapter (and using LEAP) while the XP clients can buy their own chioce of PCMCIA adapater (and using PEAP)?
3. If I decided to use PEAP, what are configurations needed at my ACS and WinNT domain controller?
If you do not see a combination here then it is not a suported combination.
You could run it on the same network but then you would need 2 AP's for every cell and careful freq management. One running LEAP and the other EAP, you would use 2 different SSIDs and configure your LEAP clients on one SSID and the PEAP clients on another.
This does beg the question as to why you would want to run both ??? The only valid reason I could think was if you had NON win XP or 2K clients that also had Cisco client cards, they could use LEAP
According to my SE, the previous posting is incorrect. According to TAC case D346983 you can use LEAP and PEAP together, as long as ACS is configured to handle them. They both are EAP-based authentication mechanisms. The RADIUS server is what decides whether it is a LEAP request or a PEAP request.
Transferring Crash file from standby: Login to the Active WLC in HA.
From CLI: (Cisco Controller) >transfer upload datatype crash (Cisco
Controller) >transfer upload filename (Cisco
Controller) >transfer upload mode tftp (Cisco Controller) >transfer
This is the start of a display filter cross reference between Wireshark
and OmniPeek. The 1st installment is a table of advanced filters. More
filters will be added as time allows. It is a living doc, so check back
for changes every so often Please feel f...