Wireless network with RADIUS server

#1 (**permalink**) 11-10-2006, 12:30 PM

Hi,
I'm trying to configure a wireless secured network and I would like to
connect 2 Access Points to a VPN firewall that makes VPN connections
with wireless clients. The VPN firewall limits the wireless network
that I want to connecto to a LAN, in the other side of the firewall.
I'm thinking that the best way to authenticate the clients is with a
RADIUS server but I've not configured never one.
I've found some VPN firewalls that come with a RADIUS server
incorporated. Must I use this solution or is better to configure a
RADIUS server on a Windows 2003 Server Machine in the LAN side ?
Thanks

#2 (**permalink**) 11-10-2006, 06:14 PM

"fonaruin" <marc.royo@gmail.com> hath wroth:

>I'm trying to configure a wireless secured network and I would like to
>connect 2 Access Points to a VPN firewall that makes VPN connections
>with wireless clients. The VPN firewall limits the wireless network
>that I want to connecto to a LAN, in the other side of the firewall.
>I'm thinking that the best way to authenticate the clients is with a
>RADIUS server but I've not configured never one.
>I've found some VPN firewalls that come with a RADIUS server
>incorporated. Must I use this solution or is better to configure a
>RADIUS server on a Windows 2003 Server Machine in the LAN side ?

The big advantage of WPA-RADIUS authentication is that wireless
encryption keys are issued by the RADIUS server and are unique to each
connection and session. That eliminates distributing a shared key to
all users, which might easily be compromised.

Obviously, LAN based RADIUS security is better than WAN (internet)
based security because you have control of everything involved. There
are 802.1x authentication services available for the WAN side if you
don't want to build your own RADIUS server.
| http://radiuz.net
| http://www.linksys.com/wirelessguard/

On the LAN side, you mumble something about a VPN firewall with a
built in RADIUS server. No clue what you're considering so I can't
comment.

The Windoze 2003 IAS RADIUS server is probably the easiest choice:
| http://www.windowsnetworking.com/art...dows-2003.html
| http://technet2.microsoft.com/Window...aa5e61033.mspx

--
Jeff Liebermann jeffl@comix.santa-cruz.ca.us
150 Felker St #D http://www.LearnByDestroying.com
Santa Cruz CA 95060 http://802.11junk.com
Skype: JeffLiebermann AE6KS 831-336-2558

#3 (**permalink**) 11-13-2006, 10:15 AM

Thank you for your fast anwer.
I'm studying the Windows 2003 IAS Radius Server.

> On the LAN side, you mumble something about a VPN firewall with a
> built in RADIUS server. No clue what you're considering so I can't
> comment.

I've found some products like ZyXel ZyAIR G-2000 Plus that comes with a
build-in RADIUS server.

http://us.zyxel.com/products/model.p...7&indexcate1=&

This product works like an Access Point and it has a firewall with it.
The problem in my network is that I want to put more than one Access
Point to extend the wireless area. I think that I might separate the
firewall from the access points and it will be easyest to mantain.

Thank you very much

#4 (**permalink**) 11-13-2006, 12:38 PM

Hi!
I've been studying Windows 2003 IAS RADIUS Server to configure the
service but I'm not sure that it will be a good solution for a Wireless
LAN where my clients can be PDAs.
Does anybody know if I can use this RADIUS Server (or another) with a
network where wireless clients can be using Palm OS or Windows Mobile
(Windows CE)?
Thank you