Using RADIUS and DLink2100AP

Archived from groups: alt.internet.wireless (More info?)

Hi all,

Just a quick question here if anyone has used a Windows / Linux RADIUS
server along with a Dlink 2100AP ?
With RADIUS I am not interested in authentication, I am interested in
getting new random keys from the server for TKIP (encryption) in the AP
unit.

Thanks,
Bob.
6 answers Last reply
More about using radius dlink2100ap
  1. Archived from groups: alt.internet.wireless (More info?)

    On Fri, 05 Nov 2004 23:26:33 GMT, BlueBottle spoketh

    >Hi all,
    >
    >Just a quick question here if anyone has used a Windows / Linux RADIUS
    >server along with a Dlink 2100AP ?
    >With RADIUS I am not interested in authentication, I am interested in
    >getting new random keys from the server for TKIP (encryption) in the AP
    >unit.
    >
    >Thanks,
    >Bob.

    When using RADIUS, you get authentication as well as keys. The two
    cannot be separated.

    Lars M. Hansen
    http://www.hansenonline.net
    (replace 'badnews' with 'news' in e-mail address)
  2. Archived from groups: alt.internet.wireless (More info?)

    In article <tckpo0ltqki02o05nft33vls8a1vf4c6tn@4ax.com>,
    badnews@hansenonline.net says...
    > On Fri, 05 Nov 2004 23:26:33 GMT, BlueBottle spoketh
    >
    > >Hi all,
    > >
    > >Just a quick question here if anyone has used a Windows / Linux RADIUS
    > >server along with a Dlink 2100AP ?
    > >With RADIUS I am not interested in authentication, I am interested in
    > >getting new random keys from the server for TKIP (encryption) in the AP
    > >unit.
    > >
    > >Thanks,
    > >Bob.
    >
    > When using RADIUS, you get authentication as well as keys. The two
    > cannot be separated.
    >
    > Lars M. Hansen
    > http://www.hansenonline.net
    > (replace 'badnews' with 'news' in e-mail address)
    >
    Ah, I see.
    Thats for telling me this !! :) You've saved me a lot of time ! :)
    So for the DWL2100 units, how would I define them in the RADIUS setup?
    (That is how would they be described? Same as users???)

    Thanks,
    Bob.
  3. Archived from groups: alt.internet.wireless (More info?)

    On Sat, 06 Nov 2004 22:22:09 GMT, BlueBottle spoketh

    >Ah, I see.
    >Thats for telling me this !! :) You've saved me a lot of time ! :)
    >So for the DWL2100 units, how would I define them in the RADIUS setup?
    >(That is how would they be described? Same as users???)
    >
    >Thanks,
    >Bob.

    The DWL should be defined as a radius client. Your policies (at least in
    IAS) will define which users (in the Active Directory or Domain) will be
    allowed access via the available radius client(s).

    Actually, upon reviewing what can be done in IAS, you can actually
    disable authentication altogether, in which case you'd only be getting
    the keys. However, since TKIP renegotiates keys every so often anyways,
    using radius simply for that is just adding more complexity where it is
    not needed.

    Lars M. Hansen
    http://www.hansenonline.net
    (replace 'badnews' with 'news' in e-mail address)
  4. Archived from groups: alt.internet.wireless (More info?)

    In article <dkoqo0p1mv5t020h246vsp0rskrsmu4316@4ax.com>,
    badnews@hansenonline.net says...
    > On Sat, 06 Nov 2004 22:22:09 GMT, BlueBottle spoketh
    >
    > >Ah, I see.
    > >Thats for telling me this !! :) You've saved me a lot of time ! :)
    > >So for the DWL2100 units, how would I define them in the RADIUS setup?
    > >(That is how would they be described? Same as users???)
    > >
    > >Thanks,
    > >Bob.
    >
    > The DWL should be defined as a radius client. Your policies (at least in
    > IAS) will define which users (in the Active Directory or Domain) will be
    > allowed access via the available radius client(s).
    >
    > Actually, upon reviewing what can be done in IAS, you can actually
    > disable authentication altogether, in which case you'd only be getting
    > the keys. However, since TKIP renegotiates keys every so often anyways,
    > using radius simply for that is just adding more complexity where it is
    > not needed.
    >
    > Lars M. Hansen
    > http://www.hansenonline.net
    > (replace 'badnews' with 'news' in e-mail address)
    >

    OK, the full picture ! A friend and I are going to share our two
    networks via two DWL2100's set in bridge-bridge mode. I was wanting to
    use the TKIP feature (for the hell of it) and was looking
    (automatically) at using RADIUS.
    From what you say, I should be able to get just keys from an IAS setup?
    This is new to me (IAS) so I don't have much to ask about that yet !! :)
    IAS runs under Win2K / Win2K server? This would be a much better option
    for me since I already have one of those builds in place.

    Cheers,
    Bob.
  5. Archived from groups: alt.internet.wireless (More info?)

    On Sun, 07 Nov 2004 01:24:43 GMT, BlueBottle spoketh

    >
    >OK, the full picture ! A friend and I are going to share our two
    >networks via two DWL2100's set in bridge-bridge mode. I was wanting to
    >use the TKIP feature (for the hell of it) and was looking
    >(automatically) at using RADIUS.
    >From what you say, I should be able to get just keys from an IAS setup?
    >This is new to me (IAS) so I don't have much to ask about that yet !! :)
    >IAS runs under Win2K / Win2K server? This would be a much better option
    >for me since I already have one of those builds in place.
    >
    >Cheers,
    >Bob.

    IAS = Internet Authentication Service, and is Microsofts implementation
    of a RADIUS server. I put up a couple of pages on my website on how to
    use RADIUS with wireless access points, and you might find that helpful.
    I'm not sure if you'll need the Certificate service installed if you're
    not going to use the authentication piece...

    I should remind you, though, that when using TKIP, you already have
    dynamic key exchange, and using the radius server only for this purpose
    is not really necessary.

    Lars M. Hansen
    www.hansenonline.net
    Remove "bad" from my e-mail address to contact me.
    "If you try to fail, and succeed, which have you done?"
  6. Archived from groups: alt.internet.wireless (More info?)

    Thanks for the link. Although I do not have Win2003 or Win server I
    will use your pages to investigate this further.

    Again, thanks for all you help.
    Bob.
    EU.
Ask a new question

Read More

Servers Wireless Networking