WLAN Security Centralizing WLAN Authentication
802.1X
802.1X over Wireless
Unique Encryption Keys
EAP Process
EAP Frame Format <ul><li>EAP defines four message types: Request, Response, Success, and Failure </li></ul>
RADIUS
Security > AAA > RADIUS > Authentication
Security > AAA > RADIUS > Authentication > New
WLAN > Edit > Security > AAA Servers
Local EAP <ul><ul><li>The following EAP methods are supported with local EAP: </li></ul></ul><ul><ul><ul><li>LEAP </li></u...
Security > Local EAP > Profiles  <ul><li>Local EAP is created in three steps: </li></ul><ul><ul><li>Creation and configura...
Security > Local EAP > Profiles > Edit
Security > Local EAP > EAP-FAST Parameters
Security > AAA > Local Net Users
Security > Local EAP > Authentication Priority  Only LDAP is used LDAP is used only if the local list does not contain the...
Security >AAA > LDAP
WLAN > Edit
Summary <ul><ul><li>802.1X allows a port to be blocked while the client is authenticated. </li></ul></ul><ul><ul><li>EAP c...
 
Upcoming SlideShare
Loading in...5
×

Iuwne10 S04 L03

326

Published on

Published in: Technology, News & Politics
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
326
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
53
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Transcript of "Iuwne10 S04 L03"

  1. 1. WLAN Security Centralizing WLAN Authentication
  2. 2. 802.1X
  3. 3. 802.1X over Wireless
  4. 4. Unique Encryption Keys
  5. 5. EAP Process
  6. 6. EAP Frame Format <ul><li>EAP defines four message types: Request, Response, Success, and Failure </li></ul>
  7. 7. RADIUS
  8. 8. Security > AAA > RADIUS > Authentication
  9. 9. Security > AAA > RADIUS > Authentication > New
  10. 10. WLAN > Edit > Security > AAA Servers
  11. 11. Local EAP <ul><ul><li>The following EAP methods are supported with local EAP: </li></ul></ul><ul><ul><ul><li>LEAP </li></ul></ul></ul><ul><ul><ul><li>EAP-FAST (both username and password with PAC and certificates) </li></ul></ul></ul><ul><ul><ul><li>EAP-TLS </li></ul></ul></ul><ul><ul><ul><li>PEAP </li></ul></ul></ul><ul><ul><li>MAC authentication is also supported in addition to the above methods </li></ul></ul><ul><ul><li>Local EAP authentication can be used if the Cisco WLC fails to reach the configured RADIUS servers </li></ul></ul><ul><ul><li>Supports local users or LDAP users </li></ul></ul><ul><ul><li>Requires WLAN configuration </li></ul></ul>
  12. 12. Security > Local EAP > Profiles <ul><li>Local EAP is created in three steps: </li></ul><ul><ul><li>Creation and configuration of an EAP profile </li></ul></ul><ul><ul><li>Creation of local users or delegation to an LDAP server </li></ul></ul><ul><ul><li>Validation of the EAP profile in a WLAN </li></ul></ul>
  13. 13. Security > Local EAP > Profiles > Edit
  14. 14. Security > Local EAP > EAP-FAST Parameters
  15. 15. Security > AAA > Local Net Users
  16. 16. Security > Local EAP > Authentication Priority Only LDAP is used LDAP is used only if the local list does not contain the user
  17. 17. Security >AAA > LDAP
  18. 18. WLAN > Edit
  19. 19. Summary <ul><ul><li>802.1X allows a port to be blocked while the client is authenticated. </li></ul></ul><ul><ul><li>EAP creates a framework to carry the typical steps in an authentication process. </li></ul></ul><ul><ul><li>WLAN controllers can relay the wireless client authentication task to an external RADIUS server. </li></ul></ul><ul><ul><li>WLAN controllers can also be configured to handle EAP locally, based on an internal user database or an external LDAP server. </li></ul></ul>
  1. A particular slide catching your eye?

    Clipping is a handy way to collect important slides you want to go back to later.

×