I would like to enable a single SSID to support EAP and non-EAP clients. This is to enable non-EAP clients to be directed to a captive login portal, and EAP clients to go directly to the network.
I am able to make EAP optional for authentication, but can't seem to make WEP optional. (WEP is probably not the end-game, but I'm trying to get the lowest common denominator working)
my configuration contains:
dot11 ssid MYSSID
authentication open optional eap EAPAUTH
encryption mode wep optional
This works fine for users using Open authentication, and no encryption.
Users using Open authentication, with 802.1x and WEP encryption are not able to associate with the AP, and I never even see an authentication/association attempt.
Thanks in advance.