WPA with 802.1x authentication

Unanswered Question
Jul 17th, 2009

Hi experts,

I need clarification in a fundamental concept.

Is it possible to configure WPA with 802.1x authentication without external AAA / ACS server.

If the username and password is configured in local device, is it possible to create 802.1x authentication without RADIUS server

Thanks in advance


I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Roman Rodichev Sat, 07/18/2009 - 07:17

You can't do 802.1x without RADIUS. But you can use Local EAP on an Autonomous AP or on a LAP Controller. They can both act as RADIUS servers. Here's an example config for an autonomous AP:

aaa group server radius rad_eap

server auth-port 1812 acct-port 1813


aaa authentication login eap_methods group rad_eap


dot11 ssid ccie

authentication open eap eap_methods

authentication network-eap eap_methods



radius-server local

nas key cisco

user test password test


radius-server host auth-port 1812 acct-port 1813 key cisco

LAP Controller local EAP is configurable through GUI


This Discussion