(RADIATOR) 802.1X PEAP and WEP-rekey in WLAN

Tom Rixom tom.rixom at alfa-ariss.com
Fri Mar 21 04:34:03 CST 2003 

Hello,

Just set the session-timeout in Radiator to ten minutes 
(Not all access point support this, Cisco Avaya are ok)

The client will re-authenticate every ten minutes and also generate a new WEP key.

Tom.

> -----Original Message-----
> From: Denis Pavani [mailto:d.pavani at cineca.it]
> Sent: Friday, March 21, 2003 10:51 AM
> To: Mikko Suomi
> Cc: radiator at open.com.au
> Subject: Re: (RADIATOR) 802.1X PEAP and WEP-rekey in WLAN
> 
> 
> Hi. On Cisco Aironet 350 you can set wep key rotation on, 
> setting a time 
> in the vlan setup (or in the general wep setup, if you don't 
> use VLAN).
> It should negotiate a new wep key.
> I never tried because it seems Xsupplicant for Linux does not support 
> dynamic key negotiation.
> You have to configure autoMPPEkeys (or similar, I don't have 
> the config 
> files on sight) too.
> 
> Regards
> 
> Mikko Suomi wrote:
> 
> > Hi all
> >
> > I'm using Radiator in WLAN to autenticate 802.1X PEAP 
> clients (Windows 
> > XP) to radius flat user-file database. System works fine, but for 
> > extra security I would like to change WEP-keys if WLAN user is 
> > connected for long time. Does anybody know should it be possible to 
> > rekey WEP-keys with Radiator if a wlan-connection is on for example 
> > over 10 minutes ?
> >
> > Idea is that WEP-key that is used to crypt traffic would be 
> changed so 
> > often that it would not be practical to try to crack it. I remember 
> > reading from somewhere that this should be supported with 
> LEAP, PEAP 
> > and TTLS ?
> > Wlan AP is Cisco Aironet 350 and client card are Cisco Aironet 350 
> > Pcmcia cards and Nokia D211 cards.
> >
> > Thanks for all replys in advance
> >
> > Mikko Suomi
> >
> > ===
> > Archive at http://www.open.com.au/archives/radiator/
> > Announcements on radiator-announce at open.com.au
> > To unsubscribe, email 'majordomo at open.com.au' with
> > 'unsubscribe radiator' in the body of the message.
> >
> 
> -- 
> **************************************************************
> **********
> Denis Pavani
> 
> CINECA    -    Comunicazioni e Sistemi Distribuiti
> NOC - Network Operation Center
> 
> phone:+39 0516171953 / fax:+39 0516132198
> http://www.cineca.it
> **************************************************************
> **********
>  "Siamo pagati per adattarci, improvvisare e raggiungere lo scopo"
>   -- Gunny Highway 
> 
> 
> 
> ===
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.
> 
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.

More information about the radiator mailing list