Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computing > Wireless Networking > Re: Follow Up: Wireless Authnetication to AD Network

Reply
Thread Tools

Re: Follow Up: Wireless Authnetication to AD Network

 
 
Ryan Hanisco
Guest
Posts: n/a
 
      03-09-2005
I have this exact scenario working across a large multinational corp. PEAP/
MSCHAPv2 is the way to go.

Things to look out for:

1. Only windows 2000 sp4 and XP SP1 and above can truly use this without
external apps
2. XP sp2 is the most reliable way to get this going
3. Many of the WLAN helper apps can interfere. Standardize their experience
by unstalling these and letting XP handle the connection -- or standardize
on one kind of card and use that driver only.
4. Have backups of your IAS implementation and use the MS IASImport utility
to duplicate server and WAP configs
5. Plan well for any PKI you are using to manage the certs that you'll need
for IAS servers.
6. Cisco WAPs are the most reliable for this and I wouldn't consider other
equipment for this.

--
Ryan Hanisco
MCSE, MCDBA
FlagShip Integration Services

"-->AL" <(E-Mail Removed)> wrote in message
news:%(E-Mail Removed)...
>I just wanted to follow up on my previous post to ensure I convey the
>correct scenario. The Diagram I've attach is a simple depiction of the
>network. The main concern is the Wireless Access for users on laptops, and
>accessing internal network and Internet.
>
> Basically, we have a very small network and would like to use Wireless
> Access Points for some of our users. I know and read that there are
> several ways you can do this, but I need your assistance and feedback on
> what I need to do.
>
> GOAL:
> =====
>
> (1) Design SIMPLE as possible
> (2) Users going though WAP must authenticate against AD via IAS
> (3) We can NOT use CERTIFICATES for Users or Computers - IAS Server can
> have it though
> (4) I do not want users to even use the Internet withOUT first
> authenticating in AD
> (5) Secure considering Goal 14 is met
>
> MY THOUGHT:
> ============
>
> (1) Use PEAP/MS-CHAP2 (Cert only on IAS - from Verisign)
>
> QUESTION:
> =========
>
> (1) How are users actually prompted or challenged for proper login - to
> even access the network and Internet?
> (2) Based on the Goals, and meeting all of them - what would you suggest?
>
>
> Please be as descriptive as you can get. Again, thank you.
>
>



 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Public Wireless Network together with Private Wireless Network PL Computer Security 1 11-15-2007 03:54 PM
Wireless Network Wizard and scripting updates to wireless network. Jordan Wireless Networking 1 11-03-2007 02:16 PM
Deleting a "Wireless network" created with the wireless network wi =?Utf-8?B?SmFtZXM=?= Wireless Networking 2 02-03-2006 11:18 AM
Wireless Bridge VS Wireless Access Point for DVR connection to wireless network Mark Wireless Networking 0 12-28-2005 09:21 PM
Wireless Network Help with a mixed wired and wireless network Rupert NZ Computing 1 05-09-2004 08:52 PM



Advertisments