Em quinta-feira, 17 de julho de 2025 às 12:59:28 BRT, Alan DeKok <aland@deployingradius.com> escreveu:
I have no idea how your AP does MAC auth without 802.1X on an SSID which is configured for 802.1X.
As I've said, go read the AP documentation. I don't run your APs. I am not your AP vendor. I can't answer this question.
Is that finally clear?
I think you misunderstood something in the way. In an earlier email I said I understood what you said that it is not possible to authenticate IoT devices that dont support 802.1x in a 802.1x SSID. There is no fallback like there is in wired. So I asked what is the best practice to properly solve the issue where I need to authenticate IoT devices. A separate SSID specificaly for them right? In this new SSID I could use macauth, but macauth only is insecure because mac can be spoofed. An earlier user said something about Cisco IPSK, does someone have an idea how I can configure this in the virtual cisco wireless controller together with freeradius?