Re: freeradius v.2.0.1 and Cisco 1200AP IOS V.12.3

[John Melton <john.melton@sun.com>]

I have found a Cisco document (FAQ-Wireless-Security.pdf) with the following statement:

Q. Why does MAC authentication not work with Wi−Fi Protected Access 

(WPA) in Cisco IOS Software Release 12.3(8)JA2? 

A. The only level of security for MAC authentication is to check the MAC address of the 

client against a list of permitted MAC addresses. This is considered very weak. In earlier 

Cisco IOS Software releases, you could configure MAC authentication and WPA to encrypt 

the information. But because WPA itself has a MAC address that checks, Cisco decided not 

to allow this type of configuration in later Cisco IOS Software releases and decided only to 

improve security features. 

Regards,

John

On 5 Feb 2008, at 20:04, A.L.M.Buxey@lboro.ac.uk wrote:

Hi,

When installing FreeRadius 2.0.1, the only thing you should need is to add

this to /etc/raddb/users

username Cleartext-Password := "thepassword"

..and the clients file (and maybe even the firewall on the server! ;-) )
so that the AP acting as a NAS can talk to FR :-)

...and it should work. If it doesn't, by far the most likely explanation is

that you have the Cisco AP configured incorrectly; you will need to examine

the Cisco documentation, this is not a Cisco support list.

agreed.

alan
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html