Wireless Access

Reply
Occasional Contributor II
Posts: 51
Registered: ‎02-20-2012

WEP key with Captive Portal authentication

We're using a captive portal profile for our staff and students. They authenticate to a directory via LDAP. Things are working well in our test enviroment but I am wondering if we can add a WEP key in order to encrypyt the data being sent from the client to the AP. My thinking is: users would only have to enter this WEP key once and it would be saved in the wireless profile on their devices. Once it saved, they would only have to enter their LDAP creds via the CP page. 

 

Is this possible?

Guru Elite
Posts: 8,328
Registered: ‎09-08-2010

Re: WEP key with Captive Portal authentication

[ Edited ]
Yes, but I would highly recommend using WPA2-PSK instead. WEP should not be used anymore except special cases with legacy equipment.

Also keep in mind that with shared key encryption, users can decrypt each others traffic. I would strongly recommend looking at using 802.1X instead.

Tim Cappalli | Aruba Security TME
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
Occasional Contributor II
Posts: 51
Registered: ‎02-20-2012

Re: WEP key with Captive Portal authentication

Ok, thanks Tim. 

 

I'm using WPA2-PSK now but I am not prompted to enter my username and password - no CP. 

 

 

Guru Elite
Posts: 8,328
Registered: ‎09-08-2010

Re: WEP key with Captive Portal authentication

Did you set the initial role to your captive portal logon role?

Sent from Nine

Tim Cappalli | Aruba Security TME
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
Occasional Contributor II
Posts: 51
Registered: ‎02-20-2012

Re: WEP key with Captive Portal authentication

ah...thank you. It's working now. 

 

As for traffic being decrpyted...is there anything in "stateful firewall" that would make a difference? I see "deny inter user traffic" for example?

MVP
Posts: 1,412
Registered: ‎11-30-2011

Re: WEP key with Captive Portal authentication

nope nothing, that option is to prevent users from talking to each other on the same SSID.

Search Airheads
Showing results for 
Search instead for 
Did you mean: