Re: EAP & OPEN

d.locci · ‎02-03-2003

Hi guys,

I have a Aironet AP1100; the users should be authenticated throught the radius server in the EAP-TLS mode or in the open authentication mode.

this is my configuration for the authentication in the ssid:

!

ssid AIR-TEST

authentication open

authentication network-eap eap_methods

guest-mode

!

the client with 802.1x authentication can't access to the radius server and the user can only authenticate when the configuration changed so:

!

ssid AIR-TEST

authentication open eap eap_methods

guest-mode

!

but in this way the open authentication is disabled, and I need to use both authentication.

does it exist a method to enable both authentication? (open and EAP-TLS)

thanx a lot

Daniele

tepatel · ‎02-04-2003

The first config should work for both types..Try to configure and test one authentication type at a time just to verify that "network-eap" works alone without "open" authentication. After that combine both the types togather.

Here is the url which discuss what to configure on AP and on client for different authentication types

http://www.cisco.com/univercd/cc/td/doc/product/wireless/airo1100/accsspts/ap11icg/ivicgaut.htm

Here is the url which has debug command for that, see is it helps to troubleshoot more.

http://www.cisco.com/univercd/cc/td/doc/product/wireless/airo1100/accsspts/ap1100cr/crcli.htm#xtocid12

ndoshi · ‎02-13-2003

Hi Daniele ,

it seems you want to allow certain users open and certain users doing eap tls

One way u can do is create different vlan and put both groups in different vlan

and different ssid , You can have different authentication mechanisam for each set

Or you can have encryption optional which allws both all clients .