Need help to use 802.1x with WEP and WPA/AES
Guy Davies
aguydavies at gmail.com
Mon Nov 10 22:00:34 CET 2008
Hi SangLee,
In my experience, the ability to do WEP and WPA simultaneously is a
function of the Access Point rather than any other device in the
network. If your AP vendor has implemented in such a way that you
cannot run WEP and WPA simultaneously, then push them to fix this.
Note, however, that your wireless security is only as strong as the
weakest encryption and authentication mechanism. Therefore, if you
are using WEP, you will have severely weakened your network. Even WPA
with TKIP is reported to have been recently attacked in a much quicker
time than previously possible. Ideally, you should look at WPA2/AES
as the basis for your wireless security. If you have no choice but to
use WEP, then you're likely to need a *very* short session-timeout in
order to force the keys to change very frequently (the order of a few
minutes at most) in a busy network. This puts a huge load on your
RADIUS servers.
Rgds,
Guy
2008/11/10 Le Sang <lmsangdl at yahoo.com>:
> Hello All,
>
> Now, I'm using 802.1x for authenticating wireless user. But unfortunately, I
> cannot use 802.1x with WEP and WPA(WPA2)/AES. Can anybody help me and tell
> me why I cannot use 802.1x with methods encryption above.
>
> Best Regard,
> SangLee
>
>
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>
More information about the Freeradius-Users
mailing list