Slashdot Mirror

← Back to Stories (view on slashdot.org)

Are You Using 802.1X?

Posted by Cliff on from the solving-the-problems-of-802.11 dept.

WirelessMan asks "I work for a certain university in the US, and our IT department has just deployed IEEE 802.1x authentication for our wireless network. One of the benefits is that all users' sessions are encrypted using tumbling WEP keys. One of the (major) drawbacks is the 'newness' of 1x. As far as I can tell (Google, etc) there aren't a whole lot of places out there who have taken the plunge. Google it, or check out this brief description. Does the Slashdot community have any experience with 1x?"

"Here's our story: we're using Windows 2003 servers (for IAS) and PEAP/MSCHAPv2. We're not offering support for Windows clients prior to 2000 (even though clients do exist for 98/ME,etc). Windows 2000 supposedly has builtin support after SP3, but on June 10, Microsoft released a WEP patch that breaks 1x! (At least for our implementation...) Windows XP SP1 works in most cases, but certain onboard-wireless chipsets (Intel) don't work, regardless of OS. I heard that staff struggled with and finally successfully installed a 3rd party client for RedHat 9, and I'm told there's also a client for Mac OS 10.2.

As far as I can tell, the network guys did their homework--I promise--but this deployment is beginning to look like a disaster! Do you have any wisdom to share about how to pull victory from the clutches of shameful defeat? I realize my question is rather broad and vague ... but I'm really interested to see what discussion comes up. Thanks!"

5 of 239 comments (clear)

  1. Answer by Anonymous Coward · · Score: 4, Funny

    No.
    Next question please.

  2. 802.1x is very secure here-no one is able to login by Anonymous Coward · · Score: 4, Funny

    At our University we deployed 802.1x and in this
    way we reached the highest possible level of security - nobody, even the authorized personel can not log-in. This means that users have complete
    protection from hackers, viruses and similar.

  3. Re:Testing... Testing... by Snoopy77 · · Score: 4, Funny

    ... should probably be banged on for several weeks with at least a dozen guinea pigs

    First make sure that this is legal in your state. Richard Gere got into trouble for involving small rodents in his banging sessions.

    --
    "She's a West Texas girl, just like me" - G.W Bush Iraqis
  4. Re:I guess you learn something every day. by Lord_Dweomer · · Score: 2, Funny
    " You're thinking of "802.11x" which generally means any of 802.11b, 802.11a, or 802.11g (wireless protocols). "802.1x" is a security protocol, not a wireless protocol per se. Very confusing, I know..."

    So is this 802.1x Hi-Speed or Full-Speed?

    --
    Buy Steampunk Clothing Online!
  5. Re:Get SP4 for W2K by Bios_Hakr · · Score: 4, Funny

    Yep, just tell them to connect to the network and download the latest service pack.

    Oh, what's that? Your network card doesn't work? Well, like I said, just get on the LAN and download this pack.

    Yes, I know your NIC is non functional. Like I said, just get online and download this service pack...

    --
    I'd rather you do it wrong, than for me to have to do it at all.