03-17-2005 10:30 AM - edited 07-04-2021 10:34 AM
Has anyone got any experience of all of the above.
Some background - The FWSM is in transparent mode, using virtual contexts between the VRF and the main routing table to ensure relevant mobility traffic passes through the relevant security context.
I can authenticate with LEAP via RADIUS, then obtain an IP through DHCP, ping my gateway from wireless client but not outside my VRF. If I remove the VRF from the tunnel interface associated with my mobility group all connectivity OK.
With EAPFAST I can authenticate via RADIUS, but do not get an address through DHCP. If I use a static ( and use mobility trust on tunnel interface )I can not ping my gateway. If I remove the VRF off the tunnel interface associated with this type of users mobility group, I receive an address through DHCP, and can ping merrily everywhere.
Has anybody got any thoughts if I am missing something here?
03-23-2005 09:58 AM
The software requirements for Cisco Secure ACS are dependent on the type of Extensible Authentication Protocol (EAP) desired. For full support of all the EAP types including EAP-Flexible Authentication via Secure Tunneling (FAST), use release 3.2.3 or higher.
04-18-2005 08:42 AM
I am not sure if transparent mode is supported with your configuration. Can you please post or send me the config of your SUP720 and FWSM?
If you found your answer in the meantime, please let me know.
Thanks,
Andras
04-18-2005 08:42 AM
I am not sure if transparent mode is supported with your configuration. Can you please post or send me the config of your SUP720 and FWSM?
If you found your answer in the meantime, please let me know.
Thanks,
Andras
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide