Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
561
Views
0
Helpful
1
Replies

How can I use Dynamic Encryption with MAC Authentication In WLAN?

behigh
Level 1
Level 1

‎05-04-2006 11:08 PM - edited ‎03-10-2019 02:34 PM

Dear there:

Here I use MAC Authentication with a ACS in a Wireless LAN, but I didn't find any encryption options both in AP side and the client side. Is that the MAC Authentication doesn't support the Dynamic Encryption?

so, with MAC Authentication on ACS, how could I implement the Dynamic encryption on APs?

Thanks!!

Labels:
0 Helpful
1 Reply 1

a.kiprawih
Level 7
Level 7

‎05-05-2006 12:02 AM

Hi,

What Aironet model & IOS version you use? Use the following guide if your AP runs on IOS.

When you used MAC authentication, you have to enable Open Authentication with EAP, but it comes with additional configuration too.

Anyway, since you’re looking at dynamic encryption, I believed the solution more or less is stated in the following url:

http://www.cisco.com/en/US/products/hw/wireless/ps4570/products_configuration_example09186a00801bd035.shtml

For dynamic encryption, in the document, look under “Define Client Authentication”. You’re required to set encryption as mandatory (check the snapshot of AP). This means it will dynamically encrypt the data transmitted between client and AP.

Since you’re already using MAC Address authentication, you can combined the EAP with MAC Authentication (refer to snapshot of AP config under Step 2).

Before that, you need to generate certificate in ACS. Install this cert in your client pc (right-click, choose ‘install certificate’). Let me know of you need info on how to generate self cert in ACS.

For client configuration, under properties – Wireless Networks – create/edit your ssid setting. Under Association, make sure to enable ‘Data encryption’ and ‘The key is provided to me automatically’. Under Authentication tab, choose ‘Enable IEEE802.1x …’. Under EAP type, choose ‘Protected EAP’, then click ‘Properties’ button. Under ‘Trusted Root Certification Authorities’, look (scroll down) and select the cert you’ve just installed. Don’t forget to choose ‘Enable Fast Reconnect’.

*put all this setup under your existing SSID

Hope this helps you with your WLAN implementation.

Rgds,

AK

0 Helpful
Customers Also Viewed These Support Documents