Summary
This chapter described the detailed steps for deploying secure wireless networks for configurations not described in Chapter 8 or Chapter 10. To deploy Internet access for business partners, you can configure either guest access or validated access. For guest access, the Guest account and a wireless guests group is used to specify Internet access. For validated access, business partners are given valid computer accounts, user accounts, and certificates to obtain a validated connection to the Internet.
To deploy secure wireless between forests, use a layer of IAS RADIUS proxies between the wireless APs and the IAS servers in each forest. To scale RADIUS traffic up, use a layer of IAS RADIUS proxies between the wireless APs and multiple IAS servers in the forest. To use both EAP-TLS and PEAP-MS-CHAP v2 authentication methods simultaneously, either create two groups and two remote access policies (for Windows 2000 IAS) or modify the existing remote access policy to allow both types of authentication (for Windows Server 2003 IAS).