CommScope RUCKUS Community Forums

mark_anthony_sa · ‎06-12-2016

I'm trying to setup a WLAN for a customer where its employees can connect to the WLAN and authenticate using their Active Directory account. Is it better if I use 802.1x (FreeRADIUS) or just use ZD's built in Captive Portal (Web Authentication)? What are the advantages of using 802.1x? Setting up FreeRADIUS is a bit of a hassle.

By the way, can devices that are not joined to their domain connect to the WLAN either via the two options?

michael_brado · ‎06-13-2016

If you use Standard WLAN with 802.1x, you will need RADIUS in front of AD.
You can use ZD's Guest Access type WLAN, with direct AD authenticiation.

mark_anthony_sa · ‎06-13-2016

I configured an open WLAN using Standard type (no encryption) and the option for Web Authentication and Authentication Server are configurable (drop down menu) and our customer successfully authenticated using their AD account. This should be fine, right? Or is this less secure than AD via 802.1x authentication?

michael_brado · ‎06-14-2016

Congratulations, you have AD authenticated access thru our internal web portal.

Using 802.1x with a RADIUS front-end to the AD user/pw db, can exchange some Vendor Specific Attributes,
if you wanted to change VLANs from the one you've setup for this WLAN now, for example. OTW, you have
a secure authentication required wireless network access solution.

robert_lowe_722 · ‎06-16-2016

Just keep in mind that as you are not using 802.1X or a PSK this data is not encrypted and is the same as using an open hotspot SSID all you're doing is using AD to authenticate.

CommScope RUCKUS Community Forums

Active Directory thru ZD Captive Portal vs 802.1x