Buy or Renew
Buy or Renew
Cisco Virtual Engineer generative AI bot now active in Wireless Discussion Forum. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
6866
Views
20
Helpful
21
Replies

3802I - 3800 DOT1X 802.1x - AP does not leverage credentials

Jacob-Harris
Level 1
Level 1

‎10-27-2016 09:44 AM - edited ‎07-05-2021 06:03 AM

Community,

We've used 3602's for some time now, and have configured them to leverage a user name and pass to authenticate to the network switches via 802.1x vs force authenticating the network ports for the AP's.

We've recently started to deploy 3802's and are not able to get them to authenticate to the network.  

The controller supports this configuration, and we can't find anything that says the 3802 won't support this as a change.

Does anyone have any idea if somethings changed? or something special to get this working again?

Thanks,

1 person had this problem
Labels:
0 Helpful
21 Replies 21

patoberli
VIP Alumni
VIP Alumni
In response to swapsakker

‎01-07-2019 12:44 AM

So you did open a TAC and requested the feature backported into the older release?

Only if enough people do that, they might consider doing it.


0 Helpful

b.vanderkolk
Level 1
Level 1
In response to patoberli

‎01-07-2019 01:27 AM - edited ‎01-07-2019 01:31 AM

Yes, i did. TAC told me that i should contact sales to create an enhancement request so this feature would be backported or included in a new release but they (sales) refused to create the enhancement req.. They said it won't have any chance of succeeding so i left it at that point.. probably i have to buy some additional AP's soon and if sales is still not willing to co-operate and provide a major discount for example i think it's time to look at the competition..

0 Helpful

Tymofii Dmytrenko
Level 1
Level 1

‎04-09-2019 09:39 AM

I am actually very surprised how easy Cisco can remove vital features from their product line. I mean it...

 

802.1X support is vital to many companies

And... surprise surprise some companies have deployed Cisco APs using EAP-FAST and Dot1X...

 

How can they release a new AP, but not port an existing feature is beyond my understanding.

Promise to re-invent this feature in a later release 3 years after is (excuse me) nothing but b******

 

Please use 'very secure MAB' in the meantime. Thanks guys!

0 Helpful

Tymofii Dmytrenko
Level 1
Level 1
In response to Tymofii Dmytrenko

‎04-09-2019 09:43 AM

Just found this

 

https://www.cisco.com/c/en/us/td/docs/wireless/controller/technotes/8-7/b_802_1x_eap_supplicant_on_cos_ap.html

 

We are on 8.5 and there's no desire to go bleeding edge and to upgrade to 8.7 yet

0 Helpful

patoberli
VIP Alumni
VIP Alumni
In response to Tymofii Dmytrenko

‎04-09-2019 10:16 AM

8.8.120.0 was just released and is the second patch release of the 8.8 train. That means that it should be stable enough for most enterprises.

0 Helpful

swapsakker
Level 1
Level 1
In response to patoberli

‎04-10-2019 12:31 AM

Thanks for the info.

 

But i still no 802.1x support right?

0 Helpful

patoberli
VIP Alumni
VIP Alumni
In response to swapsakker

‎04-10-2019 01:07 AM

It is supported with 8.7 and newer. 8.8 is newer than 8.7, so it's supported.
See the release notes, it's not anymore listed under the "features not supported" for 8.8.120.0: https://www.cisco.com/c/en/us/td/docs/wireless/controller/release/notes/crn88mr2.html#ap-wave2

In 8.5.140.0 it was listed as unsupported: https://www.cisco.com/c/en/us/td/docs/wireless/controller/release/notes/crn85mr4.html#ap-wave2
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card