Solved

Repeating a 802.1x AP

Posted on 2014-02-22
8
1,035 Views
Last Modified: 2014-02-25
Hi Guy's

Does anyone know if you can repeat a 802.1x Radius Auth. WPA-PSK signal.  The On-Network repeater I have won't do it, because it's not an open network, therefore it's looking for a passphrase that doesn't t exist as it's Radius auth.

Thanks

IM
0
Comment
Question by:ianmclachlan
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 2
  • 2
8 Comments
 
LVL 46

Expert Comment

by:Craig Beck
ID: 39879283
No - you can't repeat an 802.1x-secured SSID.  You may be able to bridge it though using WDS.
0
 
LVL 16

Expert Comment

by:Michael Ortega
ID: 39879697
You didn't really specify what wireless products you're using, but if you are using commercial Cisco Wireless products you can absolutely accomplish what you're trying to do.

A Cisco AP can be set in repeater mode and be a 802.1x supplicant (client).

MO
0
 

Author Comment

by:ianmclachlan
ID: 39879740
Sorry, it was a netgear AP.  

I assume, you need a Master cisco AP, and other Cisco AP's to achieve this scenario?
0
Salesforce Made Easy to Use

On-screen guidance at the moment of need enables you & your employees to focus on the core, you can now boost your adoption rates swiftly and simply with one easy tool.

 
LVL 46

Expert Comment

by:Craig Beck
ID: 39879742
That's true.

There is a caveat or two to this though -

1] You can only do this with Autonomous APs
2] You can only do this with newer APs (1121, 1231 aren't supported).
3] IIRC you can only repeat one SSID in this way.
4] It doesn't work with all EAP types.

Good catch MO :-)
0
 
LVL 46

Expert Comment

by:Craig Beck
ID: 39879745
That's right Ian.
0
 

Author Comment

by:ianmclachlan
ID: 39885164
Thanks for all your help.  I suppose I should fill you in with the background of what I am trying to achieve.

We have a relatively large building, and I am trying to create one ESSID that uses 802.1x Authentication - rather than having multiple AP's / ESSID's.  I thought, (wrongly) I could maybe do this by creating a master AP and using repeaters throughout the building.

What would you guys recomend?

Again, thanks so much for your help

Ian
0
 
LVL 46

Accepted Solution

by:
Craig Beck earned 500 total points
ID: 39885214
If that's what you want you should really do this properly - repeating isn't the way to do this at all.

An ESSID is actually a lot of different BSSIDs all advertising the same SSID, so it's correct to have lots of BSSIDs in the same ESSID.
(BSSID = AP, ESSID = Group of APs).

A few rules to a successful 802.1x-over-WLAN deployment...

- Each AP should be hard-wired back to the network.
- Each AP should use the same SSID/Authentiation/Encryption settings (to make it part of the ESSID).
- Each AP should talk directly to the RADIUS server.
0
 
LVL 16

Expert Comment

by:Michael Ortega
ID: 39885953
To add to that, if you're not using a controller based solution, make sure your bordering AP's are on non-overlapping channels (1, 6 and 11) and that they overlap each other by about 20% for good roaming coverage.

MO
0

Featured Post

Retailers - Is your network secure?

With the prevalence of social media & networking tools, for retailers, reputation is critical. Have you considered the impact your network security could have in your customer's experience? Learn more in our Retail Security Resource Kit Today!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Tired of waiting for your show or movie to load?  Are buffering issues a constant problem with your internet connection?  Check this article out to see if these simple adjustments are the solution for you.
For Sennheiser, comfort, quality and security are high priority areas. This paper addresses the security of Bluetooth technology and the supplementary security that Sennheiser’s Contact Center and Office (CC&O) headsets provide.  
This Micro Tutorial will show you how to maximize your wireless card to its maximum capability. This will be demonstrated using Intel(R) Centrino(R) Wireless-N 2230 wireless card on Windows 8 operating system.
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…

729 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question