Buy or Renew
Buy or Renew
Cisco Virtual Engineer generative AI bot now active in Wireless Discussion Forum. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
439
Views
0
Helpful
2
Replies

wlc works by authenticator server

Go to solution
Augustgood
Level 1
Level 1

‎11-13-2013 09:16 AM - edited ‎07-04-2021 01:15 AM

Hi

In flex-connect local switching wlc work by authenticator server, or each ap contact the authentication server ?

I would like to hear your opinion I think the wlc works by autenticator in 802.1x, all client send in tunnel capwap 802.1x message to wlc that act like proxy.

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Scott Fella
Hall of Fame
Hall of Fame

‎11-13-2013 09:49 AM

Yes and no. If you have created a FlexConnect Group, in there you specify the radius server and the shared secret so when communication is lost between the AP and the WLC, 802.1x authentication still works. If the WLC is up and the FlexConnect AP's are joined to the WLC, then the WLC sends the request to the radius server. So depends in if the FlexConnect is connected or standalone.

http://www.cisco.com/en/US/docs/solutions/Enterprise/Mobility/emob73dg/ch7_HREA.html

Sent from Cisco Technical Support iPhone App

-Scott
*** Please rate helpful posts ***

View solution in original post

0 Helpful
2 Replies 2

Go to solution
Scott Fella
Hall of Fame
Hall of Fame

‎11-13-2013 09:49 AM

Yes and no. If you have created a FlexConnect Group, in there you specify the radius server and the shared secret so when communication is lost between the AP and the WLC, 802.1x authentication still works. If the WLC is up and the FlexConnect AP's are joined to the WLC, then the WLC sends the request to the radius server. So depends in if the FlexConnect is connected or standalone.

http://www.cisco.com/en/US/docs/solutions/Enterprise/Mobility/emob73dg/ch7_HREA.html

Sent from Cisco Technical Support iPhone App

-Scott
*** Please rate helpful posts ***
0 Helpful

Go to solution
Abha Jha
Cisco Employee
Cisco Employee

‎11-14-2013 11:32 AM

There are different scenarios:-

1. Central Dot1X Authentication (Flex 7500 Acting as Authenticator)

2. Central Dot1X Authentication (FlexConnect APs Acting as Authenticator)

3. Local Authentication

Before the 7.0.98.0 code release, local authentication was supported only when FlexConnect is in Standalone Mode to ensure client connectivity is not affected during WAN link failure. With the 7.0.116.0 release, this feature is now supported even when FlexConnect access points are in Connected Mode.

4. Dot1X Authentication (FlexConnect APs Acting as Local-EAP Server)

Link:-

https://www.cisco.com/en/US/docs/wireless/controller/technotes/7.5/Flex_7500_DG.html

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card