Slashdot Mirror

← Back to Stories (view on slashdot.org)

Are You Using 802.1X?

Posted by Cliff on from the solving-the-problems-of-802.11 dept.

WirelessMan asks "I work for a certain university in the US, and our IT department has just deployed IEEE 802.1x authentication for our wireless network. One of the benefits is that all users' sessions are encrypted using tumbling WEP keys. One of the (major) drawbacks is the 'newness' of 1x. As far as I can tell (Google, etc) there aren't a whole lot of places out there who have taken the plunge. Google it, or check out this brief description. Does the Slashdot community have any experience with 1x?"

"Here's our story: we're using Windows 2003 servers (for IAS) and PEAP/MSCHAPv2. We're not offering support for Windows clients prior to 2000 (even though clients do exist for 98/ME,etc). Windows 2000 supposedly has builtin support after SP3, but on June 10, Microsoft released a WEP patch that breaks 1x! (At least for our implementation...) Windows XP SP1 works in most cases, but certain onboard-wireless chipsets (Intel) don't work, regardless of OS. I heard that staff struggled with and finally successfully installed a 3rd party client for RedHat 9, and I'm told there's also a client for Mac OS 10.2.

As far as I can tell, the network guys did their homework--I promise--but this deployment is beginning to look like a disaster! Do you have any wisdom to share about how to pull victory from the clutches of shameful defeat? I realize my question is rather broad and vague ... but I'm really interested to see what discussion comes up. Thanks!"

5 of 239 comments (clear)

  1. Re:haha! by sixdotoh · · Score: 0, Offtopic

    ah, the humiliation and agony of losing by 2 FREAKIN' MINUTES!! NOOOOOOoooo. come on man.

    --

    This post was brought to you by the number 584811 and the characters / and .

  2. whoa by Anonymous Coward · · Score: 0, Offtopic

    the left nav bar of slashdot has been redesigned!!!

    1. Re:whoa by Gherald · · Score: 0, Offtopic

      Moderators: please read at -1 so you aren't mislead when a thread is reparented :\

      --
      The unofficial /. digest
  3. For hardware considerations... by DeathPenguin · · Score: 1, Offtopic

    I'm recently went from wired to 802.11g. However, it wasn't without a struggle. I did a good deal of research but still got suckered into buying a Broadcom-based card only supported in Windows. As it turns out, Broadcom doesn't support Linux well (Or at all, in this case). To add to the confusion, most of the cards that I checked out that had once boasted Linux compatibility had been 'upgraded' to use a Broadcom chip. Even 802.11b hardware that used the supported Prism2 chipset is damn near impossible to find these days as much of it has been changed over to use cheaper hardware (Not necessarily Broadcom, but other non-supported brands as well). Model names / numbers are virtually the same as they were before. It's basically like searching for a PCI non-Winmodem these days.

    My advice: Go with a nice ethernet bridge and don't get burned by bad / non-existent drivers. I ended up with a Linksys WET54G, which just so happened to be reviewed by THG earlier. It works flawlessly after I plugged it into my NIC under Linux. It also leaves my options open for other OSes that don't even have as much support as Linux. So long as your network card works (And interconnects via RJ45), you'll have a reliable wireless connection using the bridge. Not only that, but it has a configurator accessable through any web browser, much like their routers. This means configuring the bridge for use with encryption and such will work the same on Windows, Linux, MacOS, etc.

    Only problem is they're a bit expensive (Roughly $130). if you don't use Windows full time, it's worth every penny.

  4. Re:Our story by Quixote · · Score: 0, Offtopic
    Huh? This dude just cut-n-pasted the original guy's second paragraph! Moderators, please wake up... :)