01-22-2014 11:13 PM - edited 07-05-2021 12:01 AM
Hi,
I am setting up wifi flexconnect solution and is a bit confused regarding what should be the default gateway for the dynamic interfaces which will be created.
Will it be the same as the one for management interface or the will it be the one for the clients.
controller ip 172.16.1.100/24
default-gateway 172.16.1.254
vlan 10
dynamic interface 192.168.1.10/24
default-gateway ?????
vif for this vlan on switch 192.168.1.254
default-gateway for clients 192.168.1.254
Kindly suggest .
Thanks
Solved! Go to Solution.
02-25-2014 06:16 AM
You don't have a radius server?
Thanks,
Scott
*****Help out other by using the rating system and marking answered questions as "Answered"*****
02-26-2014 02:14 AM
Hi Scott,
I am having Cisco ACS as Radius server.
Client gets authenticated now but on ACS logs the protocol is PEAP and not EAP-TLS.
Thanks
02-26-2014 02:57 AM
Also i want to know whether a certificate is required on WLC in case of local EAP only ???
02-26-2014 03:00 AM
If you want to use local EAP then you don't need certificate for (peap) but EAP fast you need it .
Check it here:
Regards
Sent from Cisco Technical Support iPhone App
02-26-2014 10:15 AM
Client gets authenticated now but on ACS logs the protocol is PEAP and not EAP-TLS.
for EAP-TLS , you have to install certificates on client PC & use EAP-TLS as EAP methods when connecting to wireless. On ACS you need to configure a policy/rule when to use EAP-TLS.
If you are using WLC as Auth Server, then it is required to install cert on WLC. Below post explain EAP cert installation process of WLC.
http://mrncciew.com/2013/04/22/configuring-eap-tls-on-wlc/
HTH
Rasika
**** Pls rate all useful resposnes ****
02-28-2014 12:11 AM
Rasika Thanks...I've already followed the link from your blog. Very helpful.
Most of the things are now working as expected.
Need some reference material to understand authentication protocols, related to EAP, PEAP, EAP-TLS, MSCHAP., if you can help.
Also one more issue i am facing is i've added 4 RADIUS servers on WLC and for my WLAN security i have just selected 2 of them. However on logs i can see requests being forwarded to other 2 also. So is there any way to filter RADIUS servers for particular WLAN's only.
Thanks in advance.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide