Buy or Renew
Buy or Renew
Cisco Virtual Engineer generative AI bot now active in Wireless Discussion Forum. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
478
Views
0
Helpful
2
Replies

LEAP Security

narius210
Level 1
Level 1

‎10-27-2006 01:54 AM - edited ‎07-03-2021 01:09 PM

Dear Everyone

I work for a company with about 300 wireless users and 15 access points installed.

Currently I use LEAP authentication as security, which authorizes by username and

password, and thereafter it checks if MAC address is recorded in access list in

RADIUS , and then it establishes a connection.

My question is, is there any other method of AAA in order to increase security ? ,

on WiAPs, on RADIUS or in any other place.

Let's discuss this, and see if I use good AAA for network to be invulnerable as is available

Labels:
0 Helpful
2 Replies 2

wong34539
Level 6
Level 6

‎11-02-2006 06:44 AM

LEAP is succeptable to dictionary attacks , but PEAP or EAP-TLS which are certificate based authentication types will be good.If ease of implementation is what you want then LEAP can be used

0 Helpful

Stephen Rodriguez
Cisco Employee
Cisco Employee
In response to wong34539

‎11-02-2006 07:26 AM

More on the PEAP and EAP-TLS. With PEAP, the certificate is only on the AAA server, you can do some validation so long as the client has a trust of the ROOT CA that issued the PEAP certificate. In EAP-TLS, the certificate is on the client as well as the AAA server. There are pros and cons to both, and I would recommend reading up on them.

Application Note for PEAP:

http://www.cisco.com/en/US/partner/products/hw/wireless/ps430/products_technical_reference_chapter09186a008025d6ee.html

EAP-TLS Deployment Guide:

http://www.cisco.com/en/US/partner/products/sw/secursw/ps2086/products_white_paper09186a008009256b.shtml

HTH,
Steve

------------------------------------------------------------------------------------------------
Please remember to rate useful posts, and mark questions as answered
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card