13-21
Cisco Wireless LAN Controller Configuration Guide
OL-17037-01
Chapter 13 Configuring Hybrid REAPWireless Device Access
Configuring Hybrid-REAP Groups
Figure 13-14 HREAP Groups > Edit (Local Authentication > Protocols) Page
h.
To allow a hybrid-REAP access point to authenticate clients using LEAP, check the Enable LEAP
Authentication check box; then go to Step n.
i. To allow a hybrid-REAP access point to authenticate clients using EAP-FAST, check the Enable
EAP-FAST Authentication check box; then go to the next step. The default value is unchecked.
j. Perform one of the following, depending on how you want protected access credentials (PACs) to
be provisioned:
• To use manual PAC provisioning, enter the server key used to encrypt and decrypt PACs in the
Server Key and Confirm Server Key fields. The key must be 32 hexadecimal characters.
• To allow PACs to be sent automatically to clients that do not have one during PAC provisioning,
check the Enable Auto Key Generation check box.
k. In the Authority ID field, enter the authority identifier of the EAP-FAST server. The identifier must
be 32 hexadecimal characters.
l. In the Authority Info field, enter the authority identifier of the EAP-FAST server in text format. You
can enter up to 32 hexadecimal characters.
m. To specify a PAC timeout value, check the PAC Timeout check box and enter the number of seconds
for the PAC to remain viable in the edit box. The default value is unchecked, and the valid range is
2 to 4095 seconds when enabled.
n. Click Apply to commit your changes.
Step 14 Click Save Configuration to save your changes.
Step 15 Repeat this procedure if you want to add more hybrid-REAP groups.
Note To see if an individual access point belongs to a hybrid-REAP group, you can click Wireless >
Access Points > All APs > the name of the desired access point > the H-REAP tab. If the access
point belongs to a hybrid-REAP group, the name of the group appears in the HREAP Group
Name field.
To Next Page
Loading...
Need help?
General
