I have a Cisco aironet 1040.
On my Accespoint i have 2 vlans: 1 for my wifi phones and 1 for my network.
Wifi Lan has the SSID LAN with WPA enterprise authentication to a radius server(ms server 2008).
Wifi Phone has SSID PHONE and vlan 50 with local radius authentication.
This Works all fine, Except when i enable AP for my wifi phones.
When AP is enabled the authentication for my lan doesn’t go to my server but local.
How do I configure my accesspoints so that the cisco phones use the local radius server with AP and my windows computers connect using the ms radius server?
Hope some one can help
Attached is my current config.
aaa group server radius rad_eap
server auth-port 1645 acct-port 1646
aaa group server radius WDS-AUTH
server auth-port 1812 acct-port 1813
aaa group server radius VOICE-AUTH
aaa authentication login eap_methods group rad_eap
Both of the SSID are calling to eap_methods. What you need to do is configure another aaa authentication line:
** aaa authentication login phone_method group VOICE-AUTH**
then call that as your network-eap:
dot11 ssid VOICE