Push Wireless WPA Passphrase -GPO

[Helenp1983]

Hi,

I have an unsecure wireless network that i wish to make secure using WPA-PSK.

I wondered if i could push out my passphrase in a group policy? I can see that i can select the prefered wireless point. But do i really have go around every machine nad add in the passphrase?

If not what my options?

 

[ncotton]

You need a radius server...you can not do this through group policy. Even if you engineered a way to do it through group policy. It would be stored plain text in the registry. Group policy only supports plain text transfers.

Radius servers authenticate\encrypt\synchronise rolling key encryption. That way your keys are being managed by a seperate server.

Preshared keys are pretty useless in a target rich environment, cause any jepordisation of the key, leaves all machines vulnerable untill you manually change the key.

On a corporate highly used wireless lan, you can detect and break a 128key in about 4/5 hours sniffing. About 1.2Gb of data should be able to deduce the key.

I seriously suggest RADIUS. There are many radius server solutions, you don't need a mega machine, not even a Windows server OS. Just the radius server software.

Hope this Helps.

Neil J Cotton
njc Information Systems
Systems Consultant