Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Wireless authentication

Hey guys - hope everyone's doing well. A client is looking to move away from using static EAP to some better form of security using Cisco ACS. Unfortunately the laptops belong to students so they don't know what cards or OS they 're running but mostly XP & Vista.

What is the safest bet to choose in terms of protocol that would be most widely supported? I just want to use dynamic WEP and authenticate my users to the network using an internal ACS database

Thank you all

2 REPLIES
Silver

Re: Wireless authentication

I'd go for WPA2 with AES encryption.

And PEAP as user authentification.

Please note that you need under XP either SP3 or the WPA2 patch from Microsoft found under: http://support.microsoft.com/kb/893357

But then every XP client and also Vista client supports it.

WEP is simply put unsave. You need around 2-3 minutes to crack a WEP key and then sniff all the traffic between the client and access point. And this can't it be.

New Member

Re: Wireless authentication

WPA2 is still not universally supported by Windows based clients. Although less secure you could opt for WPA with TKIP to ensure max compatibility. If you are using Unified Wireless you can enable support for both WPA and WPA2 and then you pretty much catch everything.

As Patoberli states above don't even bother with WEP and also ensure that if you are using PSK for WPA or WPA2 that you do not use a dictionary word.

HTH

Paul

131
Views
0
Helpful
2
Replies