I'm testing out setting up Radius from our Aironet's that uses Active Directory for authentication, however it seems the only supported authentication (unless you get Cisco Secure Access Control Server) is PAP. We set this up so basically the PAP is I guess "wrapped" inside PEAP-MSCHAPv2.
This makes me sort of wary as PAP is plain text, but I'm not sure as to the risk in this case. In a situation like dial-in VPN obviously sending the plaintext password is easily discoverable, but is the connection already secured by the time the password is transmitted over a wireless link? ie) you wouldn't be sending the plaintext password over the wireless link?
wireless clients use EAP protocol when they authenticate.
PEAP is one flavor of different EAP methods around. Inside the EAP there is authentication done inside a secure tunnel and this is usually MSCHAPv2. So PEAP-MSCHAPv2 is EAP method that uses PEAP and uses MSCHAPv2 inside the tunnel to do the authentication.
MSCHAPv2 is used, not PAP. But on your radius you can't only enable MSCHAPv2 because this means MSCHAPv2 without PEAP (EAP-MSCHAPv2) which is also exist and different from EAP.
What you need to do on the radius server is to enable PEAP. Inside PEAP options you need to choose MSCHAPv2.
You want to say "Thank you"? Don't. Just rate the useful answers, that is more useful than "Thank you".
Rating useful replies is more useful than saying "Thank you"
Transferring Crash file from standby:
Login to the Active WLC in HA.
(Cisco Controller) >transfer upload datatype crash
(Cisco Controller) >transfer upload filename <Desired filename>
(Cisco Controller) >transfer up...
This is the start of a display filter cross reference between Wireshark and OmniPeek.
The 1st installment is a table of advanced filters. More filters will be added as time allows.
It is a living doc, so check back for changes every so often
Please feel ...
I have created a Powershell script to automatically add a Wireless Guest User on Cisco WLCs. (tested on 2500 Series)
The script should be completely self explanatory.
Powershell SNMP Module (Install-Module -Name SNMP)
SNMP Write Access to...