Re: Access Points and Active Directory

Saudi,
The MS IAS is an AAA server, therefore AP's can talk directly to it.
I recommend you a 3-layer approach: APs --- IAS --- AD

Cheers,
--
Raul

On 5/17/07, saudi sans <saudisans-Re5JQEeQqe8AvxtiuMwx3w@xxxxxxxxxxxxxxxx> 
wrote:
> Can I conclude that we donot need any AAA server in between? The
> Access points can talk directly to MS IAS.
>
> On 5/17/07, Raul Siles <raul.siles-Re5JQEeQqe8AvxtiuMwx3w@xxxxxxxxxxxxxxxx> 
> wrote:
> > Hi,
> > If you are going to integrate with MS AD, you can use MS RADIUS
> > server, called MS IAS - Internet Authentication Service:
> > www.microsoft.com/technet/network/ias/default.mspx
> >
> > It's free if you have the Windows Server versions.
> >
> > Cheers,
> > --
> > Raul Siles
> > GSE
> > www.raulsiles.com
> >
> > On 5/17/07, saudi sans <saudisans-Re5JQEeQqe8AvxtiuMwx3w@xxxxxxxxxxxxxxxx> 
> wrote:
> > > Hi,
> > >
> > > We have got 10 Cisco Aironet Access Points . However we donot have a
> > > AAA solution like Cisco ACS.
> > >
> > > But we would like to authenticate wireless LAN users via Active
> > > directory database before they can connect. Is it possible without a
> > > AAA solution?  Are there any drastic implications if we do this .
> > >
> > > Cisco ACS is expensive ...hence we donot want to buy unless it is mandatory!
> > >
> >