Solved

Repeating a 802.1x AP

Posted on 2014-02-22
8
820 Views
Last Modified: 2014-02-25
Hi Guy's

Does anyone know if you can repeat a 802.1x Radius Auth. WPA-PSK signal.  The On-Network repeater I have won't do it, because it's not an open network, therefore it's looking for a passphrase that doesn't t exist as it's Radius auth.

Thanks

IM
0
Comment
Question by:ianmclachlan
  • 4
  • 2
  • 2
8 Comments
 
LVL 45

Expert Comment

by:Craig Beck
Comment Utility
No - you can't repeat an 802.1x-secured SSID.  You may be able to bridge it though using WDS.
0
 
LVL 16

Expert Comment

by:Michael Ortega (Internetwerx, Inc.)
Comment Utility
You didn't really specify what wireless products you're using, but if you are using commercial Cisco Wireless products you can absolutely accomplish what you're trying to do.

A Cisco AP can be set in repeater mode and be a 802.1x supplicant (client).

MO
0
 

Author Comment

by:ianmclachlan
Comment Utility
Sorry, it was a netgear AP.  

I assume, you need a Master cisco AP, and other Cisco AP's to achieve this scenario?
0
 
LVL 45

Expert Comment

by:Craig Beck
Comment Utility
That's true.

There is a caveat or two to this though -

1] You can only do this with Autonomous APs
2] You can only do this with newer APs (1121, 1231 aren't supported).
3] IIRC you can only repeat one SSID in this way.
4] It doesn't work with all EAP types.

Good catch MO :-)
0
Highfive Gives IT Their Time Back

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

 
LVL 45

Expert Comment

by:Craig Beck
Comment Utility
That's right Ian.
0
 

Author Comment

by:ianmclachlan
Comment Utility
Thanks for all your help.  I suppose I should fill you in with the background of what I am trying to achieve.

We have a relatively large building, and I am trying to create one ESSID that uses 802.1x Authentication - rather than having multiple AP's / ESSID's.  I thought, (wrongly) I could maybe do this by creating a master AP and using repeaters throughout the building.

What would you guys recomend?

Again, thanks so much for your help

Ian
0
 
LVL 45

Accepted Solution

by:
Craig Beck earned 500 total points
Comment Utility
If that's what you want you should really do this properly - repeating isn't the way to do this at all.

An ESSID is actually a lot of different BSSIDs all advertising the same SSID, so it's correct to have lots of BSSIDs in the same ESSID.
(BSSID = AP, ESSID = Group of APs).

A few rules to a successful 802.1x-over-WLAN deployment...

- Each AP should be hard-wired back to the network.
- Each AP should use the same SSID/Authentiation/Encryption settings (to make it part of the ESSID).
- Each AP should talk directly to the RADIUS server.
0
 
LVL 16

Expert Comment

by:Michael Ortega (Internetwerx, Inc.)
Comment Utility
To add to that, if you're not using a controller based solution, make sure your bordering AP's are on non-overlapping channels (1, 6 and 11) and that they overlap each other by about 20% for good roaming coverage.

MO
0

Featured Post

Threat Intelligence Starter Resources

Integrating threat intelligence can be challenging, and not all companies are ready. These resources can help you build awareness and prepare for defense.

Join & Write a Comment

Suggested Solutions

Title # Comments Views Activity
belkin wifi stick 12 83
Prevent wireless mice interfere 4 68
hp laptop wireless issue 19 60
WiFi Blackspot within home network 7 36
Multi-source agreements are important because they set standards that all manufacturers should follow to ensure that devices are compatible with multiple vendors. The multi-source agreement (MSA) is an agreement that establishes how multiple vendors…
This subject  of securing wireless devices conjures up visions of your PC or mobile phone connecting to the Internet through some hotspot at Starbucks. But it is so much more than that. Let’s look at the facts: devices#sthash.eoFY7dic.
This Micro Tutorial will show you how to maximize your wireless card to its maximum capability. This will be demonstrated using Intel(R) Centrino(R) Wireless-N 2230 wireless card on Windows 8 operating system.
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…

772 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now