Please can someone help with this as I'm tearing my hair out!
Hardware: Cisco 3750 switch and Cisco autonomous access point (AIR-AP1142N-E-K9).
Requirement: A single broadcast SSID; use dot1x to assign vlan 98 to authenticated clients (computer certificate); assign vlan 3 (guest) if the authentication fails.
I can achieve assigning a guest vlan on authentication failure when using a wired connection by using the following command on the interface:
authentication event fail action authorize vlan 3
I'm after a way to achieve the above using the wireless access point.
The main point is that internal users cannot access vlan 3 as they have a valid certificate and that guests do not have to authenticate.
Many thanks in advance