Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Need help configuring EAP-FAST

I'm trying to configure EAP-FAST on one of our controllers to see if it improves our EMR on Dolphin 9900 scanners.  Right now, we are running PEAP with a lot of issues where the EMR locks up and it may be due to roaming issues from AP to AP.  With our PEAP setup, the scanners have to authenticate all the way to AD each time the client roams from AP to AP.  I want to try and configure EAP-FAST to see if it will improves the roaming issues.  Reading all the documentation so far, I've gotten that I need to generate a CA cert, apply the cert to the WLC, reboot the WLC or I could enable LSC, apply the CA cert to create an LSC to apply to the clients.  What if I already have an older cert configred already on our ACS?  Could I reuse the CA cert or would it be better to start from scratch?

New Member

Re: Need help configuring EAP-FAST

           Here Presently you are using PEAP as the authetication method. Here PEAP and EAP-FAST Both will use the Certs to Authenticate the User.

No need to download any additional Certs to the Controller. But in the EAP-FAST the AAA Server will push the PAC to the client to encrypt the data.

In the case of PEAP it won't Happen.

Here you mentioned about LSC Certs.. Those are related to the AP Joinig to the Controller.Here If you Configure the LSC On the Contrller it will force the AP To join the Controller Using LSC Cert. Default the AP Will join using the MIC Cert.

For Better understanding on EAP-FAST use the below Link.