Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

Where to place the RADIUS Server in a bridged enviroment?

Hi,

we want to connect two buildings with BR350. The main building host all the servers (W2K Domain). In the outbuilding are about 20-25 User without a server.

First, the two BR350 should use the ACS server for periodical WEP Key generation.

Second, all the client PC in the outbuilding should also connect to the LAN through some AP1200. Those APs should also use the RADIUS server.

Where do I have to place the RADIUS server? In the main building, in the outbuilding or even on both sides.

Another question:

Make it sense to place a router (eg. 1700 with 3DES IOS) on both sides to additionaly protect the bridged connection with IPSEC or is WEP, TKIP, MIC and so forth sufficient?

Thank you,

Rouven

1 REPLY
Cisco Employee

Re: Where to place the RADIUS Server in a bridged enviroment?

Make it sense to place a router (eg. 1700 with 3DES IOS) on both sides to additionaly protect the bridged connection with IPSEC or is WEP, TKIP, MIC and so forth sufficient?

Normally EAP like you are planning is enough for a bridge link but give the number of users etc you are talking about it makes sense to use a router at both ends of the bridge link as this will break up your broadcast domains.

If you dont do this then a broadcast from a client at the remote end also be sent back over the bridge link.

As to placement of the radius server I would have it closer to the servers if you are using them as an external database. IF you are not using them as an external database then closest to the most number of users that need to be authenticated, the root bridge should be at the same end as the radius server.

235
Views
0
Helpful
1
Replies
CreatePlease to create content