I live in Cisco world, so please frame your answers in light of WLC 5508's and their SSID's.
Imagine you have have a fair number of wireless bar code readers on your network. You told Management "No, don't use these--use something that uses RADIUS or TACACS for authentication instead of Pre-Shared Keys (PSK's)."
Management said "Sorry, you have to make these work. 'Why?"
- There are too many to replace
- They're too expensive to go through a forklift replacement, but we might be open to life-cycled replacement through attrition.
- The vendor we've chosen doesn't offer anything else for securing these.
- Your request to use RADIUS or TACACS is impractical, since the users will object to having to enter their Active Directory credentials in every time they pick up a wireless bar code scanner."
So, what's out there to solve this dilemma? How do you use RADIUS or TACACS--or anything besides a PSK--to secure an SSID with low-tech devices on it that need wireless and that can't be authenticated into easily by their users?
