1. Home
  2. Cisco Systems
  3. Bypassing wireless security on a Cisco AP for a single device

Bypassing wireless security on a Cisco AP for a single device

I have a Cisco 1200 AP that uses WPA-Enterpise, TKIP, and PEAP to authenticate user laptops, using the user's Windows account and password. Now I have someone who wants to add a wireless video projector to the network. The projector can use the authentication method listed, but either a user account would have to be added to Active Directory, or an existing user account would have to be utilized.

I'm wondering if there is a way to bypass authentication for specific MAC address the projector uses.

Reply to
ttripp
Loading thread data ...

you would probably want to create another ssid and use other vlan strictly for equipment (projectors, printers etc...). don't broadcast the name of the new wlan in the beacon, and use mac filter with open or wpa/preshared key as authentication method.

Reply to
sasha

Using MAC addresses as access credential for wireless access is generally a bad idea. They can be easily spoofed. SSID broadcast doesn't make wireless LAN invisible. Anybody slightly interested in finding it will be able to do so.

Since projector can use PEAP, best method would be to create special user account for it.

Regards, Andrey.

Reply to
Andrey Tarasov

Thanks. Both answers sound like they should work.

Reply to
ttripp

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.