Converged Wired and Wireless Access
Provisioning a Small Branch WLAN
93
Best Practice User Guide for the Catalyst 3850 and Catalyst 3650 Switch Series
Provision in Secure Mode
Secure mode allows secure wireless connectivity. End users are authenticated by an external RADIUS
server or ISE. Provision in secure mode if your network does not permit open access for any wireless
device.
• Enable the AAA RADIUS Server
• Configure the WLAN with IEEE 802.1x Authentication
• Configure QoS Service Policies for an Open WLAN
• DHCP Snooping
Enable the AAA RADIUS Server
The configuration of the RADIUS server is dependent on the RADIUS service that you choose.
!
!Look for client open auth state.
pol-edu-3850-mc-12#show access-session mac 0000.3a40.0001 details
Interface: Capwap33
MAC Address: 0000.3a40.0001
IPv6 Address: fe80::200:3aff:fe40:1
IPv4 Address: 153.40.125.100
User-Name: cisco
Status: Authorized
Domain: DATA
Oper host mode: multi-auth
Oper control dir: both
Session timeout: N/A
Common Session ID: 000000000000002D000B81FD
Acct Session ID: Unknown
Handle: 0xe9000023
Current Policy: (No Policy)
Blocked On:
Server Policies:
Vlan Group: Name: 340, Vlan: 340
Method status list:
Method State
dot1x Authc Success
!
To Next Page
Loading...
Need help?
General