cancel
Showing results for 
Search instead for 
Did you mean: 

Active Directory thru ZD Captive Portal vs 802.1x

mark_anthony_sa
New Contributor III
I'm trying to setup a WLAN for a customer where its employees can connect to the WLAN and authenticate using their Active Directory account. Is it better if I use 802.1x (FreeRADIUS) or just use ZD's built in Captive Portal (Web Authentication)? What are the advantages of using 802.1x? Setting up FreeRADIUS is a bit of a hassle.

By the way, can devices that are not joined to their domain connect to the WLAN either via the two options?
6 REPLIES 6

michael_brado
Esteemed Contributor II
If you use Standard WLAN with 802.1x, you will need RADIUS in front of AD.
You can use ZD's Guest Access type WLAN, with direct AD authenticiation.

mark_anthony_sa
New Contributor III
I configured an open WLAN using Standard type (no encryption) and the option for Web Authentication and Authentication Server are configurable (drop down menu) and our customer successfully authenticated using their AD account. This should be fine, right? Or is this less secure than AD via 802.1x authentication?

Congratulations, you have AD authenticated access thru our internal web portal.

Using 802.1x with a RADIUS front-end to the AD user/pw db, can exchange some Vendor Specific Attributes,
if you wanted to change VLANs from the one you've setup for this WLAN now, for example.  OTW, you have
a secure authentication required wireless network access solution.

Just keep in mind that as you are not using 802.1X or a PSK this data is not encrypted and is the same as using an open hotspot SSID all you're doing is using AD to authenticate.