Solved

Repeating a 802.1x AP

Posted on 2014-02-22
8
904 Views
Last Modified: 2014-02-25
Hi Guy's

Does anyone know if you can repeat a 802.1x Radius Auth. WPA-PSK signal.  The On-Network repeater I have won't do it, because it's not an open network, therefore it's looking for a passphrase that doesn't t exist as it's Radius auth.

Thanks

IM
0
Comment
Question by:ianmclachlan
  • 4
  • 2
  • 2
8 Comments
 
LVL 45

Expert Comment

by:Craig Beck
ID: 39879283
No - you can't repeat an 802.1x-secured SSID.  You may be able to bridge it though using WDS.
0
 
LVL 16
ID: 39879697
You didn't really specify what wireless products you're using, but if you are using commercial Cisco Wireless products you can absolutely accomplish what you're trying to do.

A Cisco AP can be set in repeater mode and be a 802.1x supplicant (client).

MO
0
 

Author Comment

by:ianmclachlan
ID: 39879740
Sorry, it was a netgear AP.  

I assume, you need a Master cisco AP, and other Cisco AP's to achieve this scenario?
0
Efficient way to get backups off site to Azure

This user guide provides instructions on how to deploy and configure both a StoneFly Scale Out NAS Enterprise Cloud Drive virtual machine and Veeam Cloud Connect in the Microsoft Azure Cloud.

 
LVL 45

Expert Comment

by:Craig Beck
ID: 39879742
That's true.

There is a caveat or two to this though -

1] You can only do this with Autonomous APs
2] You can only do this with newer APs (1121, 1231 aren't supported).
3] IIRC you can only repeat one SSID in this way.
4] It doesn't work with all EAP types.

Good catch MO :-)
0
 
LVL 45

Expert Comment

by:Craig Beck
ID: 39879745
That's right Ian.
0
 

Author Comment

by:ianmclachlan
ID: 39885164
Thanks for all your help.  I suppose I should fill you in with the background of what I am trying to achieve.

We have a relatively large building, and I am trying to create one ESSID that uses 802.1x Authentication - rather than having multiple AP's / ESSID's.  I thought, (wrongly) I could maybe do this by creating a master AP and using repeaters throughout the building.

What would you guys recomend?

Again, thanks so much for your help

Ian
0
 
LVL 45

Accepted Solution

by:
Craig Beck earned 500 total points
ID: 39885214
If that's what you want you should really do this properly - repeating isn't the way to do this at all.

An ESSID is actually a lot of different BSSIDs all advertising the same SSID, so it's correct to have lots of BSSIDs in the same ESSID.
(BSSID = AP, ESSID = Group of APs).

A few rules to a successful 802.1x-over-WLAN deployment...

- Each AP should be hard-wired back to the network.
- Each AP should use the same SSID/Authentiation/Encryption settings (to make it part of the ESSID).
- Each AP should talk directly to the RADIUS server.
0
 
LVL 16
ID: 39885953
To add to that, if you're not using a controller based solution, make sure your bordering AP's are on non-overlapping channels (1, 6 and 11) and that they overlap each other by about 20% for good roaming coverage.

MO
0

Featured Post

Live: Real-Time Solutions, Start Here

Receive instant 1:1 support from technology experts, using our real-time conversation and whiteboard interface. Your first 5 minutes are always free.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

In this article I will describe how to setup a Cisco WLC 5508 to work with Apple's Bonjour protocol across VLANs.  I will also discuss using screen mirroring and Airplay on an AppleTV v3.  This article covers the wireless network only and requires m…
DECT technology has become a popular standard for wireless voice communication. DECT devices are not likely to be affected by other electronic devices and signals because they operate in a separate frequency-band.
This Micro Tutorial will show you how to maximize your wireless card to its maximum capability. This will be demonstrated using Intel(R) Centrino(R) Wireless-N 2230 wireless card on Windows 8 operating system.
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…

813 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now