Enterprise wireless authentication without PKI?

I'm trying to figure out what to use for an enterprise environment. I don't want to use a commercial certificate or manage certificates on each workstation either.

I keep reading about EAP-TTLS but I can't find any document about setting it up in a large network. I'm trying to set up a bunch of 1230 APs to authenticate to an AD on 2003 server running IAS.

I understand that LEAP is not so secure but PEAP requires a $350 certificate every year.

Does anyone have suggestions that I can do to get good encryption and secure authentication?

Thanks.

Reply to
Michael Letchworth

Hi, I think you can choose PEAP, which requires a server-side certificate only. You can set up a private enterprise root CA server through MS 2003 Server (it's free).

All you need to do is to enroll a server certificate from this CA (no need for user certificate) and distribute the root certificate to each user (you can do that by put it

Reply to
RentonHe

Could you elaborate more? I loaded the root CA cert and IAS on the 2003 AD box. I'm new to the Cisco wireless APs. I was thinking about TTLS but I would have to load a supplicant, so I was hoping that it would be easier to do PEAP.

I'm guessing I create a PKI and store that on the server. How does that get to the AP and then to the laptop?

Thanks for your help.


Reply to
Michael Letchworth

