cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2317
Views
0
Helpful
11
Replies

2802 Cisco Mobility Express mac address Radius

as00001111
Level 1
Level 1

Hey all,

I got a 2802 Access Point where I installed the CME image 8.5.140.0 on.

I can add local mac addresses for mac filtering.

Is it also possible to use a Radius server e.g. freeradius for mac address authentication?

11 Replies 11

Chris Donkelaar
Level 1
Level 1

Yes, you can use mac filtering via Freeradius (see the freeradius wiki page).

-If I helped you somehow, please, rate it as useful.-

Yes but how to configure on a 2802 AP with Cisco Mobility Express?

Hi,

 

Please find the link for configuring external radius server on Mobility express.

 

External Radius Server Configuration ME

 

Radius Configuration GUI Steps

Regards,
Sathiyanarayanan Ravindran

Please rate the post and accept as solution, if my response satisfied your question:)

mmh, but how exaclty can I define a 802.1x MAC-based Port-Security ?

You can’t perform dot.1x and MAB at a same time.

 

 

Regards,
Sathiyanarayanan Ravindran

Please rate the post and accept as solution, if my response satisfied your question:)

Sorry, I just want to do MAB .

But with a freeradius server and not local database.

How can I do that?

Please check the reply of mine on this thread for configuring external radius.

 

you have to enable the MaC filtering in SSID and need to enable and configure the external radius server IP with shared secret key.

 

So that whenever user tries to connect it will verify the mac address on external server. Then provide access accordingly.

Regards,
Sathiyanarayanan Ravindran

Please rate the post and accept as solution, if my response satisfied your question:)

I understand.

But then I can't use WPA2-Personal with a PSK right?

My idea was to setup a WPA2-personal with a PSK and a mac filter with external radius.

Is that possible?

That is possible.

 

you can have a WPA2 Personal and Mac with external radius can be done. Configure a SSID with PSK and MaC filtering as usual only additional thing you have to do is configuration of Radius server. So that you can achieve the thing you want.

 

you can’t have WPA2 Enterprise and MAC with external radius is not possible.

Regards,
Sathiyanarayanan Ravindran

Please rate the post and accept as solution, if my response satisfied your question:)

But how exactly is the configuration?

As you can see in my screenshot, I have to decide between wpa2-personal and wpa2-enterprise.

When I choose wpa2-personal and click mac filtering, the ap uses the local mac address list.

https://community.cisco.com/t5/other-wireless-mobility-subjects/mobility-express-wpa2-personal-aaa-override/td-p/3701002

 

Refer this thread . You can do this via CLI Commands.

Regards,
Sathiyanarayanan Ravindran

Please rate the post and accept as solution, if my response satisfied your question:)
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: