"fonaruin" <firstname.lastname@example.org> hath wroth:
>I'm trying to configure a wireless secured network and I would like to
>connect 2 Access Points to a VPN firewall that makes VPN connections
>with wireless clients. The VPN firewall limits the wireless network
>that I want to connecto to a LAN, in the other side of the firewall.
>I'm thinking that the best way to authenticate the clients is with a
>RADIUS server but I've not configured never one.
>I've found some VPN firewalls that come with a RADIUS server
>incorporated. Must I use this solution or is better to configure a
>RADIUS server on a Windows 2003 Server Machine in the LAN side ?
The big advantage of WPA-RADIUS authentication is that wireless
encryption keys are issued by the RADIUS server and are unique to each
connection and session. That eliminates distributing a shared key to
all users, which might easily be compromised.
Obviously, LAN based RADIUS security is better than WAN (internet)
based security because you have control of everything involved. There
are 802.1x authentication services available for the WAN side if you
don't want to build your own RADIUS server.
On the LAN side, you mumble something about a VPN firewall with a
built in RADIUS server. No clue what you're considering so I can't
The Windoze 2003 IAS RADIUS server is probably the easiest choice:
Jeff Liebermann email@example.com
150 Felker St #D http://www.LearnByDestroying.com
Santa Cruz CA 95060 http://802.11junk.com
Skype: JeffLiebermann AE6KS 831-336-2558