09-14-2007 08:07 AM - edited 07-03-2021 02:37 PM
I've configured a 2811 ISR with an HWIC-AP-G-A for LEAP w/ RADIUS authentication. I am searching for documentation for configuring PEAP but am having a hard time finding what I am looking for.
Could anyone point me in the right direction, and tell me if it is possible to accomplish all on the router? I made a root cert through IIS tools and am not quite sure how to go about uploading it and associating it with AAA/RADIUS. Thanks in advance.
09-14-2007 08:04 PM
As long as you are using an external Radius server all you need to do is make sure you have "authentication open eap..." under your SSID config. LEAP only uses the "authentication network-eap..." statement but PEAP and other EAP methods use the open statement.
If you are trying to use the local Radius server you will be limited to LEAP and EAP-FAST.
09-17-2007 04:32 AM
Yes everything is local but i don't understand why that would limit the use of certificates.
It's a 2811 ISR router with an HWIC-AP module in it for wireless.
What about EAP-TTLS using PKI? Would that be possible on the ISR?
09-17-2007 11:20 AM
Ok. I was unaware that you could only use LEAP or EAPFAST on a local authenticator.
That being said.. Anyone have suggestions for documentation on EAPFAST? I used the Cisco default configuration which is printed in 2-3 manuals for it on a local authenticator and cannot get it to work. Word for word step by step.. I'm just trying to see what my options are on an ISR with everything built in and don't want to use an external server. Thanks in advance.
09-19-2007 11:41 AM
bump.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide