The documentation bellow show for us how to configure an 1242 LAP as a 802.1x supplicant. The AP send it's own credentials to radius server to authenticating. However, the AP uses EAP-FAST protocol and Microsoft NPS radius server uses PEAP only.
My customer uses Microsoft NPS (Windows 2008 Server) as Radius server and this server accepts only PEAP. All switches ports is with 802.1x configured. So, to the AP releasing the switch port for normal traffic, it sends the own credentials as a 802.1x supplicant. However, this credentials is in a EAP-FAST tunneling but NPS accepts only PEAP, this will work?
You can only use EAP-FAST with anonymous provisining.
The reason why you can't use PEAP is that with PEAP you must have a certificate on the AAA server that is trusted by the supplicant (the AP in our case) but the AP has no certificate authorities trust list to know if the server certificate is trusted or not. Hence, all methods that uses certificates on either the server can not be used (PEAP, EAP-TLS, EAP-TTLS).
One more reason is that the AP as a supplicant is configured with the EAP method = EAP-FAST. It is hard coded and can not be changed. no parameters to modify also excep the username and the password that you have to provide.
You can only use EAP-FAST with anonymous PAC provisning. You can't even use the manual provisning simply because there is no mechanism to put the PAC manually on the AP.
Rating useful replies is more useful than saying "Thank you"
Transferring Crash file from standby:
Login to the Active WLC in HA.
(Cisco Controller) >transfer upload datatype crash
(Cisco Controller) >transfer upload filename <Desired filename>
(Cisco Controller) >transfer up...
This is the start of a display filter cross reference between Wireshark and OmniPeek.
The 1st installment is a table of advanced filters. More filters will be added as time allows.
It is a living doc, so check back for changes every so often
Please feel ...
I have created a Powershell script to automatically add a Wireless Guest User on Cisco WLCs. (tested on 2500 Series)
The script should be completely self explanatory.
Powershell SNMP Module (Install-Module -Name SNMP)
SNMP Write Access to...