Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

What's the difference between "Network EAP" and "Open with EAP"?

AP 1200 with IOS 12.2.13.JA2

Can someone tell me what is the difference between the following Authentication Methods:

Open Authentication with EAP

Network EAP

I think that the second one will ensure that the 802.1x authentication is successfull before the association can occur while the first one will let the client associate with the AP then will require EAP. Is this correct? What is the security problem with the first one?

I know that cisco recommend enabling both option to use LEAP on Cisco and non-Cisco clients. I just wanted to know the difference between the two option. If the "Open with EAP" work better with non-Cisco client then why not just use this option for all client?

Thanks to give me some light on this subject

Michel

2 REPLIES
Bronze

Re: What's the difference between "Network EAP" and "Open with E

Some non-Cisco Aironet client adapters do not perform 802.1x authentication to the access point unless you configure Open authentication with EAP.

So rule of thumb is

- Cisco clients with LEAP, use network-eap

- non-Cisco clients with LEAP, use open-eap

- all clients with other EAP, use open-eap

http://www.cisco.com/en/US/products/hw/wireless/ps4570/products_configuration_guide_chapter09186a00801d030d.html#1035193

New Member

Re: What's the difference between "Network EAP" and "Open with E

Correct me if I'm wrong but here's what I thought:

"authentication network-eap eap_methods" configures LEAP.

"authentication open eap eap_methods" configures EAP-TLS or PEAP. The open referes to not using WEP keys to authenticate the Client. EAP is used instead.

Serge

821
Views
10
Helpful
2
Replies
CreatePlease login to create content