Solved: Re: EAP-TLS with WLC 4404 (Which Layer 2 option do I choose)

kfarrington · ‎09-11-2008

Hi All,

I want to setup a WLAN that uses EAP-TLS.

WiFi PC <-----> LWAP <------> WLC <----> Radius Server

Under the Layer 2 tab for security on the WLC what option do I use for the following :-

Layer 2 Security (I am assuming WPA+WPA2 as that what the laptops will be using)

Auth Key Mgmt ?

I am a bit confused by the 802.1x in both of these fields, one for Layer two Security and one for Auth Key Mgmt?

Many thx indeed guys,

Ken

Scott Fella · ‎09-11-2008

You would choose Layer 2 Security: WPA+WPA2

Then on the WPA+WPA2 Parameters choose WPA2 Policy with WPA2 Encryption. Under Auth Key Mgmt choose 802.1x.

Now if you require the use of WPA Policy, then also choose TKIP for that.

Then for your AAA Server tab choose your radius servers.

That is it.

-Scott
*** Please rate helpful posts ***

Scott Fella · ‎09-11-2008

You would choose Layer 2 Security: WPA+WPA2

Then on the WPA+WPA2 Parameters choose WPA2 Policy with WPA2 Encryption. Under Auth Key Mgmt choose 802.1x.

Now if you require the use of WPA Policy, then also choose TKIP for that.

Then for your AAA Server tab choose your radius servers.

That is it.

-Scott
*** Please rate helpful posts ***

kfarrington · ‎09-11-2008

Thx fella :)

I chose 802.1x+cckm for fast roaming. Any caveats to this, as we will be testing 7921 phones on this test WLAN also?

Many thx

Ken

Scott Fella · ‎09-12-2008

It shouldn't be a problem. Here is the 7921 delpoyment guide that you should also look at.

-Scott
*** Please rate helpful posts ***

kfarrington · ‎09-12-2008

Thx very much mate :)

Scott Fella · ‎09-12-2008

Not a problem... with 1.2(1) you can validate the server certificate.

-Scott
*** Please rate helpful posts ***