> Hi, > > I've been told that Cisco APs won't do WPA with MAC auth in recent > versions of IOS. > > how would that have worked anyway - you need the key exchange and the > right type of EAP for WPA and wireless > > alan > - > List info/subscribe/unsubscribe? See > http://www.freeradius.org/list/users.html
The only way I can think of it working was if using Cisco's local MAC list on the AP itself. I tried testing briefly with EAP and MAC set FR only. In about a minute or so, I received about 2K EAP requests all returning Access-Reject. If I get a few spare moments to test, I'll try adding my MAC to the local list and tell the AP to use the local list for MAC and FR for EAP. I have a feeling this might work, but I am certainly not going back to maintaining MAC lists on all of our APs (both because I'd have to modify the APs again to have enough storage space to hold the MAC list and because it's a pain to keep that many lists in sync) and I think using a check in FR is a much cleaner solution in many ways. -- John McDonnell Penn Cambria School District [email protected] O< ASCII Ribbon Campaign - Stop HTML e-mail! - www.asciiribbon.org
smime.p7s
Description: S/MIME cryptographic signature
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
