Unanswered Question
Jun 9th, 2009

Hi NetPro.

EAP-TLS is working now, but how to configure EAP-FAST as the backup in case TLS is failure then user still able to use FAST as the second choice ?

your reply will be highly appreciated.

thanks heaps.


I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
dancampb Wed, 06/10/2009 - 05:18

All you really need to do is enabled EAP-FAST on the Radius server. If you are running a controller environment there isn't any changes on the controller needed. If you are running autonomous make sure you have both "authentication open..." and "authentication network-eap..." configured under the SSID. They only thing that would need to be changed would be the client. You could setup two profiles, one for TLS and the other for EAP-FAST.

ney25 Thu, 06/11/2009 - 18:31

Hi Dancampb.

Thanks for your information, currently i am using Cisco Appliance 1113 box. what is the requirement to setting up this EAP-TLS and EAP-FAST ? i have done the configuration with the necessary checks for EAP-FAST / TLS . but seems like only EAP-TLS working fine whereby EAP-FAST is failed.

your reply will be highly appreciated.



jicr Wed, 06/24/2009 - 00:44

EAP FAST has two version v1 and v2. Which version you are using??

I suggest you to use EAP FST v1 as you already have a EAP TLS setup and it will be easy to manage that setup and more secure also.

Wht is the error you are getting while EAP FAST auth??? check "debug aaa events enable"


This Discussion