?
Solved

Repeating a 802.1x AP

Posted on 2014-02-22
8
Medium Priority
?
1,092 Views
Last Modified: 2014-02-25
Hi Guy's

Does anyone know if you can repeat a 802.1x Radius Auth. WPA-PSK signal.  The On-Network repeater I have won't do it, because it's not an open network, therefore it's looking for a passphrase that doesn't t exist as it's Radius auth.

Thanks

IM
0
Comment
Question by:ianmclachlan
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 2
  • 2
8 Comments
 
LVL 46

Expert Comment

by:Craig Beck
ID: 39879283
No - you can't repeat an 802.1x-secured SSID.  You may be able to bridge it though using WDS.
0
 
LVL 16

Expert Comment

by:Michael Ortega
ID: 39879697
You didn't really specify what wireless products you're using, but if you are using commercial Cisco Wireless products you can absolutely accomplish what you're trying to do.

A Cisco AP can be set in repeater mode and be a 802.1x supplicant (client).

MO
0
 

Author Comment

by:ianmclachlan
ID: 39879740
Sorry, it was a netgear AP.  

I assume, you need a Master cisco AP, and other Cisco AP's to achieve this scenario?
0
Efficient way to get backups off site to Azure

This user guide provides instructions on how to deploy and configure both a StoneFly Scale Out NAS Enterprise Cloud Drive virtual machine and Veeam Cloud Connect in the Microsoft Azure Cloud.

 
LVL 46

Expert Comment

by:Craig Beck
ID: 39879742
That's true.

There is a caveat or two to this though -

1] You can only do this with Autonomous APs
2] You can only do this with newer APs (1121, 1231 aren't supported).
3] IIRC you can only repeat one SSID in this way.
4] It doesn't work with all EAP types.

Good catch MO :-)
0
 
LVL 46

Expert Comment

by:Craig Beck
ID: 39879745
That's right Ian.
0
 

Author Comment

by:ianmclachlan
ID: 39885164
Thanks for all your help.  I suppose I should fill you in with the background of what I am trying to achieve.

We have a relatively large building, and I am trying to create one ESSID that uses 802.1x Authentication - rather than having multiple AP's / ESSID's.  I thought, (wrongly) I could maybe do this by creating a master AP and using repeaters throughout the building.

What would you guys recomend?

Again, thanks so much for your help

Ian
0
 
LVL 46

Accepted Solution

by:
Craig Beck earned 2000 total points
ID: 39885214
If that's what you want you should really do this properly - repeating isn't the way to do this at all.

An ESSID is actually a lot of different BSSIDs all advertising the same SSID, so it's correct to have lots of BSSIDs in the same ESSID.
(BSSID = AP, ESSID = Group of APs).

A few rules to a successful 802.1x-over-WLAN deployment...

- Each AP should be hard-wired back to the network.
- Each AP should use the same SSID/Authentiation/Encryption settings (to make it part of the ESSID).
- Each AP should talk directly to the RADIUS server.
0
 
LVL 16

Expert Comment

by:Michael Ortega
ID: 39885953
To add to that, if you're not using a controller based solution, make sure your bordering AP's are on non-overlapping channels (1, 6 and 11) and that they overlap each other by about 20% for good roaming coverage.

MO
0

Featured Post

Will your db performance match your db growth?

In Percona’s white paper “Performance at Scale: Keeping Your Database on Its Toes,” we take a high-level approach to what you need to think about when planning for database scalability.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

DECT technology has become a popular standard for wireless voice communication. DECT devices are not likely to be affected by other electronic devices and signals because they operate in a separate frequency-band.
This paper addresses the security of Sennheiser DECT Contact Center and Office (CC&O) headsets. It describes the DECT security chain comprised of “Pairing”, “Per Call Authentication” and “Encryption”, which are all part of the standard DECT protocol.
This Micro Tutorial will show you how to maximize your wireless card to its maximum capability. This will be demonstrated using Intel(R) Centrino(R) Wireless-N 2230 wireless card on Windows 8 operating system.
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…

764 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question