cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
871
Views
5
Helpful
1
Replies
Highlighted
Beginner

1200 Wireless AP with 801x switch

I have a working 1200 Access Point, that uses 802.1x PEAP authentication back to an ACS.  I want to enable 802.1x on the switch interface the AP connects to,

Interface f0/2

dot1x port-control auto

dot1x multiple-hosts

When enabled the dot1x stays unauthorized and debuging doesn't show EAPOL packets being passed on?

The switch will work itself with laptop machines wired directly to it (using PEAP), and authorises back to ACS.

I can not confirm what the switch configuration would need to be to enable the wireless EAPOL packets to pass through, or enable the wireless AP1200 to be an eap client to the switch but still a server to the wireless clients?

Thank you

Jon

Everyone's tags (5)
1 REPLY 1
Cisco Employee

Re: 1200 Wireless AP with 801x switch

Hi Jon,

From what I understand, you already have PEAP authentication working for wireless clients, and you would now like to configure dot1x authentication for the AP with the switch where it is plugged in.

If my understanding is correct, you could configure the AP with an EAP-FAST supplicant.

For autonomous APs:

http://www.cisco.com/en/US/docs/wireless/access_point/12.4_10b_JA/configuration/guide/scg12410b-chap11-authtypes.html#wp1071514

For lightweight APs (including a configuration example for the switch):

http://www.cisco.com/en/US/partner/tech/tk722/tk720/technologies_configuration_example09186a00809fbd21.shtml

Regards,

Fede

--

If  this helps you and/or answers your question please mark the question as  "answered" and/or rate it, so other users can easily find it.

CreatePlease to create content
Content for Community-Ad
August's Community Spotlight Awards