Quote:
|
Originally Posted by Starpoint
I have seen software packages where one can set up a Radius type authentication server for wifi users but have never poked around with them much (maybe I need to try one on a scratchbox).
My question is this: Is there such wireless gear (AP's) that can be set up over a large area to give a good wifi footprint using multiple AP's but yet all use 1 common authentication server for MAC filtering?
|
All good (Cisco, Enterasys etc) AP's will do this using the 802.1X protocol. Which will allow authentication over the distributed system via a RADIUS server. I'm not sure if they will do MAC filtering.
But if you're security conscious MAC filtering is useless. If an attacker can break your WPA(TKIP) security they will have no problem sniffing and stealing a MAC address. MAC filtering is about as useless as preventing SSID broadcasts.
Quote:
|
Originally Posted by Starpoint
I told them that most your AP's support 128 bit WEP, WPA is better, then you have LEAP from Cisco which I found out that airlink card does(calls it CCX) but having a MAC filter is a must so that even if someone gets the WEP/WPA info, they still cannot associate with the AP.
|
As someone on these forums is known for, LEAP is as insecure and in someways moreso than WEP and it will require Cisco AP's
Quote:
|
Originally Posted by Starpoint
I know there is some gear out there that has multiple antenna's that you can run about 100-200 feet away from the base unit, that might work.
|
Im pretty sure most gear will do this.