Open Wireless authentication concept.

Similar Messages

• Wireless authentication to a windows network

  IF this is the wrong group please let me know and I will re-post...
  I am trying to solve some problems authenticating to a windows network using a airport card....
  I keep getting a non-trusted certificate message after/during the 802.x authentication box..We are not using certificates, at least that is what the admin tells me...so I have logged in as root, opened keychain and set the certifcates in question to trust always for all settings...I log out and then relogin as a normal network account and I still get the message which I can click continue and now I have access..
  the other problem is that my home folder will not mount...I have to mount it manually through the finder..I am assuming this is because the airport network services are not running until I authenticate locally with a cached password....Is there a way to have the login window authenticate through airport so I can have my home directory mount automatically...
  thanks for your help...

  unfortunately there are severla problems with the solution and it really doesn't address the issue. I can't mount the volume on the dock as it won't mount, probably because it is the server itself that has been mounted, not the shared home folder. Also it might create a conflict by having an alias to the home folder that would conflict with the auto mounted home folder when I use the ethernet as a connection source. What I have is a multi-purpose machine.
  1) I use a hardwired connect at my desk...
  2) If I need to go somewhere that a port in the wall is not active, I can then use a wirless connection which allows me access to everything I need....
  What I need to do is get this working so that the rest of the area can use it as well....
  So the question still remains: Does the wireless authentication not mount the home directory because it is not tied into the login window. For example, in a hardwired case I login to the system and this authenticates me and mounts my home folder. When I unplug the ethernet cable and turn on ariport and log off I login to the login window but the 802.x box comes up and asks for my password....which then brings up a not trusted certificate. Which I have tried everyhting I know to make this accepted by the system, including logging as root and going into keychain and setting it to be trusted. This DOES not work. I still get the untrusted certifcate message and the home directory does not mount. So what I need is someone who is authenticating to a windows network using wireless. I have followed all the 802.x suggestions which include using only peap to authenticate through.
  I hope someone can tell me how to stop the untrusted certificate error and how to mount the home directories. It would seem that there should be some type of setting to make airport startup prior to the login window or be hooked into the login window and pas that through to the wireless authentication. This is beyond my experience as you can see...
  thanks

• Secure wireless authentication

  I have just been reading all the posts about secure wireless access and I am
  not happy with the direction Novell has chosen to take.
  I have been extremely pleased with Netware, GroupWise & ZenWorks but Novell
  is starting to loose it's appeal.
  Let me summarize what I have learned and see if I have made any mistakes
  with my understanding.
  1. Novell has stopped development on their Radius server and have no plans
  to resume development.
  2. Novell contributed code to the open source FreeRadius project.
  http://www.novell.com/news/press/arc...2/pr05008.html
  3. There isn't any Radius server with 802.1x authentication that runs on
  Netware (Netware kernel).
  a. Novell's Radius server (BMAS or the newer NMAS server) doesn't do
  802.1x authentication.
  b. I have contacted Funk and this is their reply. Steel-Belted Radius
  Server will run on Windows and Solaris (Linux is coming).
  http://www.funk.com/News&Events/sbr_linux_pn.asp
  c. MTG House hasn't gotten back to me about a solution for Netware. (I
  am doubtful, I didn't find anything on their website.)
  4. You need to run a Radius server that does 802.1x authentication and will
  work/integrate with eDir.
  a. FreeRadius (Linux) will integrate with Edir.
  http://www.novell.com/documentation/...ius/index.html
  http://www.novell.com/coolsolutions/feature/15383.html
  b. Funk's Steel-Belted Radius server (Windows, Solaris & Linux is in
  beta).
  http://www.funk.com/radius/default.asp
  c. Aegis Server
  http://www.mtghouse.com/products/aeg...er/index.shtml
  5. You need a 802.1x Client to authenticate to a Radius server for wireless
  authentication.
  a. Microsoft has 802.1x support in their client. (read this from other
  posts in this forum)
  b. Novell isn't planning on putting 802.1x support in the NW Client.
  (read this from other posts in this forum)
  c. There are 2 Radius clients that integrate with the NW Client for
  Radius Edir authentication.
  1. Funk's Odyssey Client ($45 - $50 per workstation depending on
  quantity) + added annual maintenance costs.
  $2281.25 for 50 Client licenses & annual maintenance.
  http://www.funk.com/radius/wlan/wlan_c_radius.asp
  2. Aegis' Client ($32 - $39.99 per workstation depending on
  quantity) + added annual maintenance costs.
  $2240.00 for 50 Client licenses & annual maintenance.
  http://www.mtghouse.com/products/aeg...nt/index.shtml
  http://www.mtghouse.com/novell_app_note_122204.pdf
  3. When FreeRadius is integrated with Edir is this separate client
  still needed?
  I didn't see anything about a separate client being needed while
  reading the Integrating FreeRadius with Edir documentation.
  6. FreeRadius support is going to be built-in to the next version of Edir.
  http://www.novell.com/news/press/arc...2/pr05008.html
  Why didn't Novell contribute code to port FreeRadius to Netware?
  At this point in time they are still giving us a choice between the Netware
  kernel and the Linux kernel. To me that says they are willing to make
  things work with both systems until they drop support for the Netware
  kernel. Ok, so give me support for 802.1x authentication in the Netware
  kernel. I don't have stray single purpose servers floating around my
  network and I don't want to have to begin that practice just to get Radius
  802.1x authentication working.
  I also won't put my district at a disadvantage by upgrading to the Linux
  kernel until I know Linux well enough to administer it properly. I am the
  IT department at this district so I don't have a great deal of extra time to
  run about learning the new things I would LOVE to learn. I'm sure I'm not
  the only person in this situation so Novell should take these things into
  concideration before they just drop support for a product they say they are
  still supporting. Obviously all of the real support is going toward the
  Linux side at Novell.
  Daniel Blake
  Milford Central School

  Ok, I'll give them the benefit of the doubt and say fine the Netware kernel
  might as well be considered dead. So they are giving me support via
  FreeRadius if I just migrate to OES (Linux). Ok, I might/can live with that
  as a Novell decision.
  But that still doesn't explain why they don't give us some client to log in
  via 802.1x. Giving us the server but not the client is like giving us a
  locked door without a key. That's just plain stupid. I would rather stay a
  Netware - OES shop, but if Novell can't think something this simple through
  then I'm a little nervous about staying with them. What could they think up
  next?
  I guess Novell has decided to port all it's software to Windows cause it
  sucks so bad at business decisions. GroupWise & ZenWorks run completely on
  Windows now, so why do I need OES at all? Except for complexity &
  integration issues of course. I mean why would I need to purchase Edir for
  Windows if I didn't stay with OES? Or Nsure Identity Manager for that
  matter. So if we start looking deeper into this we see Marketing all over
  this thing. Novell Marketing has always done such a good job for Novell.
  Novell has given me a real choice that will work though. If I migrate
  completely to a Windows network it just works without any added costs. Heck
  it even makes my installs easier without having to install the NW Client on
  every new workstation. I can still run ZenWorks & GroupWise too.
  Now, how is Novell Marketing going to screw up and make me hate GroupWise &
  Zenworks so I migrate completely away from Novell products? Way to go
  Novell!
  Daniel Blake
  Milford Central School
  "Jim Michael" <[email protected]> wrote in message
  news:[email protected]...
  > mcsdtech wrote:
  >
  >> 1. Novell has stopped development on their Radius server and have no
  >> plans to resume development.
  >
  > Correct, so far as we know.
  >
  >> 2. Novell contributed code to the open source FreeRadius project.
  >> http://www.novell.com/news/press/arc...2/pr05008.html
  >
  > Yes. Code to allow easier integration with eDirectory.
  >
  >> 3. There isn't any Radius server with 802.1x authentication that runs on
  >> Netware (Netware kernel).
  >
  > Correct.
  >
  >> a. Novell's Radius server (BMAS or the newer NMAS server) doesn't do
  >> 802.1x authentication.
  >
  > Correct. It was developed quite a while before 802.1x even existed.
  >
  >> b. I have contacted Funk and this is their reply. Steel-Belted
  >> Radius Server will run on Windows and Solaris (Linux is coming).
  >> http://www.funk.com/News&Events/sbr_linux_pn.asp
  >
  > Correct, but Stell-Belted Radius is probably the last solution I would
  > look at. Radiator is a commercial product that runs on Linux or Windows
  > (it is Perl-based) and you will get far better support from them on
  > eDirectory issues and general Radius problems. freeRADIUS is what I would
  > run on Linux if you don't want to spend a dime on the software.
  >
  >> c. MTG House hasn't gotten back to me about a solution for Netware.
  >> (I am doubtful, I didn't find anything on their website.)
  >
  > Not familiar with them.
  >
  >> 4. You need to run a Radius server that does 802.1x authentication and
  >> will work/integrate with eDir.
  >> a. FreeRadius (Linux) will integrate with Edir.
  >> b. Funk's Steel-Belted Radius server (Windows, Solaris & Linux is
  >> in beta).
  >
  >> c. Aegis Server
  >
  > And Radiator (what I run) http://www.open.com.au This is the solution we
  > run.
  >
  >> 5. You need a 802.1x Client to authenticate to a Radius server for
  >> wireless authentication.
  >
  > Correct.
  >
  >> a. Microsoft has 802.1x support in their client. (read this from
  >> other posts in this forum)
  >
  > Correct. Technically, the "support" is in Windows, not the MS client.
  >
  >> b. Novell isn't planning on putting 802.1x support in the NW Client.
  >> (read this from other posts in this forum)
  >
  > Correct.
  >
  >> c. There are 2 Radius clients that integrate with the NW Client for
  >> Radius Edir authentication.
  >> 1. Funk's Odyssey Client 2. Aegis' Client ($32 - $39.99 per
  >> workstation depending on
  >
  > Correct.
  >
  >> 3. When FreeRadius is integrated with Edir is this separate
  >> client still needed?
  >
  > Yes. You ALWAYS need a 802.1x supplicant (client) on the workstation.
  > Windows has one built-in, which works FINE against eDirectory. HOWEVER,
  > because of the way it works you must log into eDirectory *after* fully
  > logging into windows. That is unacceptable to most organizations (you
  > would have to manually log in and map drives to NW, etc). This is why
  > there are third-party clients that integrate specifically with the NetWare
  > client.. they allow the 802.1x authentication to "insert" itself
  > in -between the Windows and eDirectory login, thus preserving all of the
  > normal features like dynamic local user, zen policies, etc.
  >
  >> I didn't see anything about a separate client being needed
  >> while reading the Integrating FreeRadius with Edir documentation.
  >
  > A client is always assumed.
  >
  >> Why didn't Novell contribute code to port FreeRadius to Netware?
  >
  > Because Novell's future direction is Linux, and there isn't much demand
  > for a NetWare Radius server.
  >
  >> At this point in time they are still giving us a choice between the
  >> Netware kernel and the Linux kernel. To me that says they are willing to
  >> make things work with both systems until they drop support for the
  >> Netware kernel. Ok, so give me support for 802.1x authentication in the
  >> Netware kernel. I don't have stray single purpose servers floating
  >> around my network and I don't want to have to begin that practice just to
  >> get Radius 802.1x authentication working.
  >
  > You can always make your wishes known at
  > http://support.novell.com/enhancement
  >
  >> I also won't put my district at a disadvantage by upgrading to the Linux
  >> kernel until I know Linux well enough to administer it properly. I am
  >> the IT department at this district so I don't have a great deal of extra
  >> time to run about learning the new things I would LOVE to learn. I'm
  >> sure I'm not the only person in this situation so Novell should take
  >> these things into concideration before they just drop support for a
  >> product they say they are still supporting. Obviously all of the real
  >> support is going toward the Linux side at Novell.
  >
  > I understand the frustration, but I doubt things will change. There is a
  > big difference between "supporting" existing products and adding major
  > enhancements to products to support new standards. I just don't think
  > Novell believes it is worth dedicating development resources to enhancing
  > Radius on NetWare, for those few that can't/won't run a Linux or Windows
  > box where the software already exists.
  >
  >
  > --
  > Jim
  > NSC SYsop

• How to create a truly open wireless network on CT5760 controller?

  Hi
  We have a 5760 setup and a mix of 3702 and 1142 access point.
  But, no matter what I do, I can't create a really 'open' network... I mean a non-restricted, open wireless network. Like what you get when you buy a home 50$ access point.
  Even after disabling all restriction, clients still can't connect directly to one another.
  I need to create this SSID for an experiment in one of our labs and they want all their options open... including multicast...
  So, my question is: Can I make a super smart network setup to do a simple wireless network?
  Thanks guys!
  P.S
  I can't use any other equipment from various reasons... must do it with what I have...

  Hi all,
  I tried your suggestions but unfortunately it is not working... after associating two clients to that SSID, they can't reach each other by PING. (which worked when both were connected to a simple home router).
  This is the wlan config:
  wlan naor 100 naor
   accounting-list 
   no assisted-roaming dual-list
   no assisted-roaming neighbor-list
   band-select
   broadcast-ssid
   ccx aironet-iesupport
   channel-scan defer-priority 4
   channel-scan defer-priority 5
   channel-scan defer-priority 6
   channel-scan defer-time 100
   chd
   client association limit ap 0
   client association limit radio 0
   client association limit 0
   client vlan 4000
   dtim dot11 24ghz 1
   dtim dot11 5ghz 1
   exclusionlist
   exclusionlist timeout 60
   ip access-group web 
   ip access-group 
   ip dhcp server 0.0.0.0
   ipv6 traffic-filter web none
   ipv6 traffic-filter none
   load-balance
   mac-filtering 
   mfp client
   mfp infrastructure-protection
   mobility anchor sticky
   radio all
   no security wpa
   no security wpa akm dot1x
   no security wpa wpa2
   no security wpa wpa2 ciphers aes
   security dot1x authentication-list 
   security dot1x encryption 104
   security ft over-the-ds
   security ft reassociation-timeout 20
   security pmf association-comeback 1
   security pmf saquery-retry-time 200
   security static-wep-key authentication open
   security tkip hold-down 60
   security web-auth authentication-list 
   security web-auth parameter-map 
   service-policy client input unknown
   service-policy client output unknown
   service-policy input unknown
   service-policy output unknown
   session-timeout 1800
   wmm allowed
   no shutdown
  It id quit frustrating...
  Thanks for the help!

• Airport no longer connects to OPEN wireless networks

  Lots of people seem to think that their airport keeps dropping the connection to OPEN wireless networks because of the 2008-001 airport update. That is probably only true for a Macbook 2,1 (aka Macbook Core 2 Duo).
  I had the issue on my Macbook 1,1 (aka Macbook Core Duo). I wiped the system clean. Re-installed OS-X. Applied all updates BUT:
  1. Airport 2008-001
  2. Security update 2008-002
  I also downgraded the Airport firmware to 2007-004 (aka version 1.1.9.3).
  Technically speaking this should have resolved the issue but it didn't.
  Why do I believe it should have resolved the issue? Because the same approach worked on the Macbook 2,1 and they both have the exact same Airport card.
  Now I have no idea how to get it fixed - I think I have tried every possible way. There doesn't seem to be any way to contact Apple coz I don't have a support contract.
  But hey, do I need a contract? Apple broke this for me ... they should fix this. I am about to post this as a tech article on engadget and other places because there are SO many people suffering from poor testing on Apple's behalf.
  Apple, please respond.
  Thanks.

  Visited the "genius" bar this afternoon - what a trip!! The guy said this is a Verizon issue, period. I was like you must be kidding, there are SO many people out there who got affected and not everyone uses verizon ... he actually got pretty mad and said you should be using mac hardware (router) and secure network. I even told him my second Macbook is working fine on the same Verizon network. This is their new location in the Northern VA area at Fair Oaks Mall.
  I would call that guy anything but a genius, what a waste of time. This was my first and last trip to a "genius" bar.
  If anyone comes across any new ideas, please share.
  Thanks.

• Open LDAP Authenticator Configuration on WLSSP5

  I have problems in the open LDAP authenticator configuration on Weblogic Server with Service Pack 5. I have users on OpenLDAP Server that do not belong to any group. My LDIF file contents are as given below.
  dn: dc=my-domain,dc=com
  dc: my-domain
  objectClass: dcObject
  objectClass: organization
  o: MYABC, Inc
  dn: cn=Manager, dc=my-domain,dc=com
  userPassword:: c2VjcmV0
  objectClass: person
  sn: Manager
  cn: Manager
  dn: cn=myabcsystem, dc=my-domain,dc=com
  userPassword:: dmVuZGF2b3N5c3RlbQ==
  objectClass: person
  sn: myabcsystem
  cn: myabcsystem
  dn: cn=Philippe, dc=my-domain,dc=com
  userPassword:: UGhpbGlwcGU=
  objectClass: person
  sn: Philippe
  cn: Philippe
  dn: cn=mlrick, dc=my-domain,dc=com
  userPassword:: bWxyaWNr
  objectClass: person
  sn: mlrick
  cn: mlrick
  All these users appear in the Users tab after configuration on the console only if LDAP Server is up. While I select group tab, I get errors indicating BAD SEARCH Filter.
  Inspite of me not having any groups in the ldap as indicated in ldif contents.
  While I try to login t the application with this LDAP configuration, I do not get any errors. LDAP authentication is not happening with just the LDAP authenticator in place. Even if I stop the LDAP server, I do nto get any exceptions while trying ot login. The config params for the Open LADP are as given below
  <weblogic.security.providers.authentication.OpenLDAPAuthenticator
  AllGroupsFilter="objectclass=*"
  Credential="{3DES}rGCpYmhaIorI99BjZ2u6Fg=="
  GroupBaseDN="dc=my-domain,dc=com"
  GroupFromNameFilter="(cn=%u)"
  Name="Security:Name=MYABCAuthenticationOpenLDAPAuthenticator"
  Principal="cn=myabcsystem,dc=my-domain,dc=com"
  Realm="Security:Name=MYABCAuthentication"
  StaticGroupDNsfromMemberDNFilter=""
  StaticGroupNameAttribute="" StaticGroupObjectClass=""
  StaticMemberDNAttribute="" UserBaseDN="dc=my-domain, dc=com"/>
  ####<Mar 3, 2006 4:21:34 PM IST> <Debug> <SecurityDebug> <hemalatha> <myserver> <ExecuteThread: '49' for queue: 'default'> <<WLS Kernel>> <> <000000> <LDAP ATN LoginModule initialized>
  ####<Mar 3, 2006 4:21:34 PM IST> <Debug> <SecurityDebug> <hemalatha> <myserver> <ExecuteThread: '49' for queue: 'default'> <<WLS Kernel>> <> <000000> <LDAP Atn Login>
  ####<Mar 3, 2006 4:21:34 PM IST> <Debug> <SecurityDebug> <hemalatha> <myserver> <ExecuteThread: '49' for queue: 'default'> <<WLS Kernel>> <> <000000> <LDAP Atn Login username: bob>
  ####<Mar 3, 2006 4:21:34 PM IST> <Debug> <SecurityDebug> <hemalatha> <myserver> <ExecuteThread: '49' for queue: 'default'> <<WLS Kernel>> <> <000000> <getConnection return conn:LDAPConnection { ldapVersion:2 bindDN:""}>
  ####<Mar 3, 2006 4:21:34 PM IST> <Debug> <SecurityDebug> <hemalatha> <myserver> <ExecuteThread: '49' for queue: 'default'> <<WLS Kernel>> <> <000000> <authenticate user:bob>
  ####<Mar 3, 2006 4:21:34 PM IST> <Debug> <SecurityDebug> <hemalatha> <myserver> <ExecuteThread: '49' for queue: 'default'> <<WLS Kernel>> <> <000000> <getDNForUser search("ou=people,ou=MYABCAuthentication,dc=myabc", "(&(uid=bob)(objectclass=person))", base DN & below)>
  ####<Mar 3, 2006 4:21:34 PM IST> <Debug> <SecurityDebug> <hemalatha> <myserver> <ExecuteThread: '49' for queue: 'default'> <<WLS Kernel>> <> <000000> <returnConnection conn:LDAPConnection { ldapVersion:2 bindDN:""}>
  CAN ANYONE HELP ME IDENTIFY WHAT IS THE ISSUE. Why is the authentication not happening?

  Hi Amol,
  I've seen this happen at least two times in 11.1.1.1 installs. You can safely restart and then add the service back again. Suggest you reboot after you re-add the service back or cycle all the Hyperion services.
  I was not aware you could install the service with that command.
  I used the below command instead:
  sc create OpenLDAP-slapd start= auto binPath= "D:\Hyperion\...\slapd.exe service" DisplayName= "Hyperion Shared Services OpenLAP"
  Regards,
  -John

• Need MBAM 2.5 Helpdesk and selfservice sites to open for authenticated users with no password prompt

  I Need MBAM 2.5 Helpdesk and self service sites to open for authenticated users with no password prompt. I just cant seem to get this to work. The account used in the application pool has its SPN registered and delegation set. I can use that account to login
  to the sites but am prompted for a password. That said anyone I add into the helpdesk users group cannot negotiate the sites. Only the account I have set in the application pool can. I want domain authenticated users that have been added to the MBAM Help Desk
  Users group to negotiate the site with NO password challenge at all.
  tconners

  This generally means that your SPN is not set up correctly.  Let's say the web server you installed the SSP on is lance.contoso.com and your app pool creds are corp\lance.  You should set an SPN similar to setspn -s http/lance.contoso.com
  corp\lance.  In your browser, you should now be able to access the SSP without prompts.  However, if you still get prompted, generally that means that your local intranet zone in IE does not have an entry for *.contoso.com.  Since you are entering
  an FQDN in your browser, IE interprets the "." to mean "on the internet" which breaks Kerberos authentication.  By adding *.contoso.com to your local intranet zone, you are telling it that lance.contoso.com is on the intranet, so use
  Kerberos.
  I can confirm, that I have exact configuration and I always get the password promt for the very first time. We have 2 server (1xIIS and 1xSQL) infrastructure in production with SPN set like it should and I get the password prompt.

• 802.1x wireless authentication with certificates

  Hi.
  I have configured and working 802.1x authentication with certificates for Wired connections. with no problem.
  when i try to authenticate the same machine with 802.1x and certificates , on Wirelss, the ACS rejects it  with:
  "12520  EAP-TLS failed SSL/TLS handshake because the client rejected the ACS local-certificate."
  the ACS is the same, the certificate the same, and the root ca is the same.
  what's hapenning????
  Antero Vasconcelos

  What supplicant are we using for wireless authentication? Do we have complete chain of certificates installed on the client machine? Can you check if we have root CA/intermediate correctly installed in client and ACS.
  ~BR
  Jatin Katyal
  **Do rate helpful posts**

• 802.1x Wireless Authentication

  Hello
  I am using a MS Certificate Server and MS Radius server with 802.1x Wireless Authentication. When the macs Authenticate I get a warning so to speak and the Cert will not save or trust. I have enter it in as a 509 anchor and other and still the same thing. Is anyone out there doing this.
  The windows says
  801x Authentication
  The Server Certificate could not be validated becuase the root certificate is missing.
  Thanks

  No, CA wasn't changed with R2.
  Are you able to see the User's certificate in the Keychain app under the login keychain & My Certificates? Can you see the CA's certificate under the X509Anchors?
  In the login keychain, when looking at the Users certificate, does it show as valid?

• Password Required for Open Wireless Network

  I'm participating in a meeting in Norway with four other people on laptops using a mix of WinXP and Vista. They all connected to an open wireless network without issue. On my MBP, I see the network, but cannot connect to it. Going through the "Assist me..." option in the Network Setup Assistant leads me to a form that invites me to enter a WEP Password. It says:
  The AirPort network "BERGSTADEN BASE1" requires a password.
  Please enter the type of wireless security and the network
  password.
  The problem is that no password is required (as confirmed by all my WinXP/Vista-using friends). I am at a small conference facility at a resort area and do not have access to the wireless access point.
  Any idea how I can join the network?

  When you are not connected to the network, go to the Airport menu (the icon near your clock). Hold down the option key, while you click on the Airport icon. Then move the mouse pointer down to the network in question.
  If your Mac thinks that the network is secured, it will come up with a "tip" saying something like WPA or WEP.
  Also, is it possible that you have connected to a network of that name before that required security? Go to System Preferences -> Network -> Airport -> Advanced -> Airport and delete the network from the list.
  Then try to reconnect from the icon on your menu bar.
  Cheers,
  Rodney

• Wireless Authentication

  Hello
  I am using a MS Certificate Server and MS Radius server with 802.1x Wireless Authentication. When the macs Authenticate I get a warning so to speak and the Cert will not save or trust. I have enter it in as a 509 anchor and other and still the same thing. Is anyone out there doing this.
  The windows says
  801x Authentication
  The Server Certificate could not be validated becuase the root certificate is missing.
  Thanks

  You've posted in the wrong forum. This is Feedback about Discussions. Try Networking and the Web maybe.

• I have a new iPad 2 it won't search for open wireless networks how do I fix this?

  I have an iPad 2 that won't search for open wireless networks for example when I go to the car dealership.  How do I fix this?

  Take it back and have it replaced.

• Wireless authentication through AD

  I have a 2106 LAN controller with 1250 AP. I need to authenticate via my Active Directory users. Can this be done and how? I am also looking to get better range from my antennas, what the best omni or Bi antenna I can use with my 1250 AP
  Thank you in advance.

  Hi Tabish:
  Unfortunately, there is no specific document for wireless authentication with ACS 5.x
  If you wish you can check the below listed sections from acs 5.1 user guide:
  You can configure AD on Windows to use as external database, you can use the following link to integrate your AD
  http://www.cisco.com/en/US/partner/docs/net_mgmt/cisco_secure_access_control_system/5.1/user/guide/users_id_stores.html#wp1053213
  For authorization using TACACS+
  http://www.cisco.com/en/US/partner/docs/net_mgmt/cisco_secure_access_control_system/5.1/user/guide/pol_elem.html#wp1074366
  For configuring managing access
  http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_system/5.1/user/guide/access_policies.html
  HTH
  Regards,
  JK
  Plz rate helpful posts-

• Open Wireless Network

  Hello,
  a neighbour has since a few days a open wireless network. Now on every start Airport ask if i want to connect to the open wireless network because no reliable wireless network couldn't be found.
  In the Airport preferences it is activated that airport should connect on start to my favourite wireless network. There is only my wireless network listed.

  I forgot. My Sytem is 10.4.8 on a Intel iMac.

• RV180W Router -Configuring network secure from open wireless

     I would like to set up an open wireless network for web access only and keep the 2nd WPA wireless network and the internal wired network secure from this open network.  Not finding any clear indication of how to do this in the manual.  Tnx for any advice.               

  Amjad - you were correct about VLAN being the answer and I eventually figured it out.  Since this router provides multiple wireless networks, I was surprised that the manual didn't outline how to do this since creating a public and private network would be one main reason to buy this product.
  The default setting is for everything to be on VLAN1.  I created a 2nd VLAN for the open wireless network with a different IP subnet and defined a DHCP range and once I figured out that "Inter-VLAN Routing" needed to be enabled on both VLANS, then everything worked.  I suppose that "Inter-VLAN Routing" is how VLAN 2 gets across to VLAN 1 and the gateway, but it doesn't allow connections to anything on VLAN 1 except the gateway.  This is what I wanted.
  Thanks again.