cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
369
Views
1
Helpful
2
Replies
BATCCOLOGIN
Beginner

WiFi 802.1X Security

Does anyone know when the Aironet access points will be able to use any nominated VLAN as the management VLAN instead of VLAN 1?

Currently we have a successful dot1X (EAP-TLS) implementation running but I am a little concerned with having to use VLAN1.

Ideally I'd like to use bespoke VLAN ID to improve security.

Cheers

DH

2 REPLIES 2
Mark Pareja
Beginner

Cisco Aironet IOS Based devices can accomplish this today, please reference this document http://www.cisco.com/en/US/customer/products/ps5861/products_configuration_guide_chapter09186a00804158b8.html

It outlines creating an SVI for Management purposes.

Hmm.. The document you point me to is Aironet 1300 whereas I use the 1200. Though I didn't make this completely clear to be fair.

There is a caveat at the start of the 1200 Series docs that states the equipment must use VLAN1 for management and authorisation.

My question was whether Cisco had managed to remove this limitation as most intrusion based attacks on network infrastructure equipment target VLAN 1 by default.

Anybody else got any ideas? I repeat, the WLAN is working fine and this is only a "nice to have" scenario.

Thanks

Content for Community-Ad