cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
716
Views
0
Helpful
5
Replies

EAP-TLS with WLC 4404 (Which Layer 2 option do I choose)

kfarrington
Level 3
Level 3

Hi All,

I want to setup a WLAN that uses EAP-TLS.

WiFi PC <-----> LWAP <------> WLC <----> Radius Server

Under the Layer 2 tab for security on the WLC what option do I use for the following :-

Layer 2 Security (I am assuming WPA+WPA2 as that what the laptops will be using)

Auth Key Mgmt ?

I am a bit confused by the 802.1x in both of these fields, one for Layer two Security and one for Auth Key Mgmt?

Many thx indeed guys,

Ken

1 Accepted Solution

Accepted Solutions

Scott Fella
Hall of Fame
Hall of Fame

You would choose Layer 2 Security: WPA+WPA2

Then on the WPA+WPA2 Parameters choose WPA2 Policy with WPA2 Encryption. Under Auth Key Mgmt choose 802.1x.

Now if you require the use of WPA Policy, then also choose TKIP for that.

Then for your AAA Server tab choose your radius servers.

That is it.

-Scott
*** Please rate helpful posts ***

View solution in original post

5 Replies 5

Scott Fella
Hall of Fame
Hall of Fame

You would choose Layer 2 Security: WPA+WPA2

Then on the WPA+WPA2 Parameters choose WPA2 Policy with WPA2 Encryption. Under Auth Key Mgmt choose 802.1x.

Now if you require the use of WPA Policy, then also choose TKIP for that.

Then for your AAA Server tab choose your radius servers.

That is it.

-Scott
*** Please rate helpful posts ***

Thx fella :)

I chose 802.1x+cckm for fast roaming. Any caveats to this, as we will be testing 7921 phones on this test WLAN also?

Many thx

Ken

It shouldn't be a problem. Here is the 7921 delpoyment guide that you should also look at.

http://www.cisco.com/en/US/docs/voice_ip_comm/cuipph/7921g/6_0/english/deployment/guide/7921dply.pdf

-Scott
*** Please rate helpful posts ***

Thx very much mate :)

Not a problem... with 1.2(1) you can validate the server certificate.

http://www.cisco.com/en/US/docs/voice_ip_comm/cuipph/7921g/firmware/1_2_1/english/release/notes/7921_12.html#wp213768

-Scott
*** Please rate helpful posts ***
Review Cisco Networking for a $25 gift card