eap_tls with cisco aironet 1100 and cisco 350 serie pcmcia

[Basile Mathieu]

does someone configure cisco aironet 1100 ( AP ) and cisco serie 350 for
eap_tls with freeradius
the configuration of the AP interess me
thanks
basile
- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: eap_tls with cisco aironet 1100 and cisco 350 serie pcmcia

[Jean-Paul Chapalain]

Hi Mathieu,

See below a part of my config for a AP1200 Cisco that running for any 
EAP authentication : (IOS 12.2(8)JA)

aaa new-model
!
!
aaa group server radius rad_eap
 server  auth-port 1812 acct-port 1813
!
aaa authentication login default group radius local
aaa authentication login eap_methods group rad_eap
aaa authorization exec default group radius local
aaa accounting exec default start-stop group radius
bridge irb
!
!
interface Dot11Radio0
 description --- Port Radios 802.11b 
 no ip address
 no ip route-cache
 encryption key 1 size 40bit 0  transmit-key
 encryption mode wep mandatory
 !
 !
 ssid test-eap
max-associations 31
authentication open eap eap_methods
authentication network-eap eap_methods
 speed basic-5.5 11.0
 rts threshold 2339
 power local 50
 channel 2442
 fragment-threshold 2338
 station-role root
 l2-filter bridge-group-acl
 no cdp enable
 bridge-group 1
 bridge-group 1 subscriber-loop-control
 bridge-group 1 block-unknown-source
 no bridge-group 1 source-learning
 no bridge-group 1 unicast-flooding
 bridge-group 1 spanning-disabled
!
interface FastEthernet0
 no ip address
 no ip route-cache
 speed 100
 full-duplex
 ntp broadcast client
 l2-filter bridge-group-acl
 no cdp enable
 bridge-group 1
 no bridge-group 1 source-learning
 bridge-group 1 spanning-disabled
!
interface BVI1
 description --- Interface interne --- 

 ip address  255.255.255.0
 no ip route-cache
!
ip default-gateway 
no ip http server
ip radius source-interface BVI1
radius-server host  auth-port 1812 acct-port 1813 timeout 3
radius-server retransmit 3
radius-server key 
radius-server authorization permit missing Service-Type
radius-server vsa send accounting
radius-server vsa send authentication
bridge 1 route ip
!
end
Basile Mathieu wrote:
does someone configure cisco aironet 1100 ( AP ) and cisco serie 350 for
eap_tls with freeradius
the configuration of the AP interess me
thanks
basile
- List info/subscribe/unsubscribe? See 
http://www.freeradius.org/list/users.html
Regards.
Jean-Paul.
--
--  Jean-Paul Chapalain - GICM -  Resp. Reseaux et Infrastructure
--  32 rue Mirabeau - Le Relecq-Kerhuon - 29808 Brest Cedex 9, FRANCE
--  Tel +33298002873 - Fax +33298284005 - [EMAIL PROTECTED]
--  Key Fingerprint: 192C 1CFE F24A 050D F280 A086 AF15 8631 3ABB 4C7D


smime.p7s
Description: S/MIME Cryptographic Signature

Re: eap_tls with cisco aironet 1100 and cisco 350 serie pcmcia

[Artur Hecker]

hi basile

yes, we have it here since 2002 :-) what exactly do you want to know?

ciao
artur
Basile Mathieu wrote:

does someone configure cisco aironet 1100 ( AP ) and cisco serie 350 for
eap_tls with freeradius
the configuration of the AP interess me
--
__
Artur Heckerhttp://www.enst.fr/~hecker
Groupe Accès et Mobilité  /  Computer Science and Networks
E N S T  Paris ___
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html