aaa new-model
!
!
aaa group server radius EAP
server 10.10.11.10 auth-port 1812 acct-port 1813
!
aaa authentication login RAD group EAP
!
dot11 ssid BRIDGE
vlan 10
authentication open eap RAD
authentication network-eap RAD
authentication key-management wpa
infrastructure-ssid
!
encryption vlan 10 mode ciphers aes-ccm
ssid BRIDGE
!
interface Dot11Radio0.10
encapsulation dot1Q 10 native
no ip route-cache
bridge-group 1
!
interface FastEthernet0.10
encapsulation dot1Q 10 native
no ip route-cache
bridge-group 1
!
radius-server local
no authentication mac
eapfast authority id ABCDABCDABCDABCDABCDABCDABCDABCD
eapfast authority info BRIDGE-CPMBRAXIS
eapfast server-key primary 7 82F5414EA9119E903612EDC3E3D0E08C8A
nas 10.10.11.10 key cisco
user cisco pass cisco
!
radius-server host 10.10.11.10 auth-port 1812 acct-port 1813 key cisco
NON-ROOT
aaa new-model
!
aaa authentication login RAD group radius
aaa session-id common
!
dot11 ssid BRIDGE
vlan 10
authentication open eap RAD
authentication network-eap RAD
authentication key-management wpa
dot1x credentials BRIDGE
dot1x eap profile EAP-FAST
infrastructure-ssid
!
eap profile EAP-FAST
method fast
!
dot1x credentials BRIDGE
username cisco
password cisco
!
interface Dot11Radio0
encryption vlan 10 mode ciphers aes-ccm
ssid BRIDGE
infrastructure-client
!
interface Dot11Radio0.10
encapsulation dot1Q 10 native
!
interface FastEthernet0.10
encapsulation dot1Q 10 native
no ip route-cache
Nenhum comentário:
Postar um comentário