Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Configuring the Access Point 1602 IOS 15.2(2)JAX as a Local RADIUS for a MAC authenticator

Hello Everyone,

 

I have an issue with my Cisco 1602 WAP. I am trying to configure the WPA-PSK and MAC authentication on local RADIUS but I don't know why it doesn't work and client can bypass the MAC authentication. below is partial configuration:

 

dot11 ssid WLAN
   vlan 20
   authentication open
   authentication key-management wpa version 2
   mbssid guest-mode
   wpa-psk ascii 7 XXX

 

interface Dot11Radio0
 no ip address
 no ip route-cache
 !
 encryption mode ciphers aes-ccm
 !
 encryption vlan 20 mode ciphers aes-ccm
 !
 ssid WLAN
 !
 antenna gain 0
 stbc
 beamform ofdm
 mbssid
 channel 2462
 station-role root
!
interface Dot11Radio0.20
 encapsulation dot1Q 20 native
 no ip route-cache
 bridge-group 1
 bridge-group 1 subscriber-loop-control
 bridge-group 1 spanning-disabled
 bridge-group 1 block-unknown-source
 no bridge-group 1 source-learning
 no bridge-group 1 unicast-flooding

interface BVI1
 ip address 10.133.16.2 255.255.255.128
 no ip route-cache

 

adius-server local
    nas 10.133.16.2 key 7 10.133.16.2
  group MAC
    vlan 20
    ssid WLAN
    block count 3 time infinite
    reauthentication time 1800

 user 54724f80421c  password 54724f80421c group MAC 

 

#######################################################

Further information can be provided by request.

 

Cheers,

Parham

 

 

 

 

1 REPLY

what are you trying to

what are you trying to accomplish?

 

With the PSK you aren't telling the client it needs to do .1x auth for the Mac authentication.

 

If you are just trying to keep some clients off the wireless, I would take a look at doing a MAC ACL (ACL 700)

 

HTH,

Steve

HTH, Steve ------------------------------------------------------------------------------------------------ Please remember to rate useful posts, and mark questions as answered
272
Views
0
Helpful
1
Replies
CreatePlease login to create content