We have NAC Guest Server that is used for creation of guest accounts and authentication of guest users. In this configuration guest SSID on WLC is configured with Web-authentication.
We need to encrypt guest traffic. In this case we need to use 802.1X but web-authentication is supported only with WEP and WPA-PSK. WPA-PSK is not good because PSK should shared between guest users and can be discovered easily.
Could we use NAC Guest server as RADIUS in 802.1X configuration for guest users SSID? This gives us opportunity to encrypt guest traffic using AES or TKIP.