Tuesday, March 3, 2020

Cisco 2800 Remote LAN & 802.1X

Hi

I have setup a Remote LAN on a 5520 WLC running version 8.10 .112.0. The purpose is to be able to connect a printer to the AUX Port and have it come online as a regular switchport.

I have bridged the remote lan SSID to the corporate interface in the controller and it works like a charm until i enable 802.1X on the SSID.

It appears that no traffic is allowed on the port before it's authenticated, so by the time i reach the desktop on the PC, DHCP has timed out and assigned a 169.254.X.X address. Once it's authenticated i can manually do an ipconfig /renew in which it receives an IP-Address.. This is obviously easy from a laptop which i'm using for testing but not applicable from a printer.

The cisco documentation is terrible for this topic and says nothing but "simply enable 802.1X"..

There is a checkmark saying "Pre Authentication", when enabled it asks for a pre auth vlan id, i have tried to configure litterally any VLAN i have available on the WLC but it does not make any change. The client still does not receive an IP-address until i manually type in ipconfig /renew in a CMD.

Does anyone have any experience with 802.1X on Remote LAN AP's and know how to accommodate this so the device can actually receive an IP-Address prior to being authenticated?



No comments:

Post a Comment