wep encryption

A.L.M.Buxey at lboro.ac.uk A.L.M.Buxey at lboro.ac.uk
Tue Feb 13 14:45:53 CET 2007


Hi,

> Active Directory. I am looking to add encryption, but unfortunately many
> of my wireless devices are older 802.11b devices that can't handle wpa.
> I am also restricted in how much I am allowed to put the end user
> through. Is there a way to cenralize a wep key in the server, as I have
> 26 access points that I would hope not to have to go into individually
> to add encryption (I already need to set up 70+ devices). Because I
> can't put any truly strong protection on the network, and I can't take
> the wlan off of the main network, I am trying to add as many layers of
> lesser protection as I can. Does anyone have any other ideas for me?
> Thanks

in a word, no. FreeRADIUS can help in WPA because it does the EAP methods.
with WEP you are really stuck with configuring single APs - or, in a centralised
system , configuring WEP on the central controller. 

WEP is pretty pointless too. 

If I were put into that environment I would push for Open wireless that requires
authentication before you can get anyway - ie use VPN technology. clients install
eg OpenVPN and thats configured to talk to OpenVPN server after they've authenticated.
only when they have a VPN tunnel do they get network access.  2048 bit SSL keys
are somewhat better than any form of WEP. you also dont need to go around shouting out
the WEP key to all and sundry - only valid users can authenticate. you could even use
FreeRADIUS as the OpenVPN authenticator!!  :-)

alan



More information about the Freeradius-Users mailing list