5209 Views 1 Reply Latest reply: Mar 18, 2011 11:19 AM by Erich Wetzel
RADIUS would use the individual credentials of each user to verify whether or not they are permitted to access the wireless network. This eliminates the "shared secret" password used in many simple wireless networks.
-Create a group you call "wirelessaccess" and put the users you want to have wireless network access in it.
-Start RADIUS on your server and set it to only permit "wirelessaccess" group users access to the RADIUS service.
-Tell your server to apply RADIUS authentication to your wireless access points.
-Tell your wireless access points to use only RADIUS authentication from your server.
-When a user tries to connect to the wireless network, they will now be prompted with a user and password dialog which requires a user credential in the "wirelessaccess" group to be permitted on to the wireless network.
You would still have the problem of credentials possibly being given out. However, since the credentials to connect via RADIUS are those of each individual user, you would be able to see in your logs who is supposedly connecting. Individual users would be less likely to give out their own credentials since they would be giving away access in their name and also giving away access to all of their own items in the system.
Hope this helps.