Wireless 802.1x with MAB as fallback and FreeRadius
Rodrigo Antunes
rodrigoaantunes at yahoo.com.br
Thu Jul 17 16:56:33 UTC 2025
Em quinta-feira, 17 de julho de 2025 às 12:59:28 BRT, Alan DeKok <aland at deployingradius.com> escreveu:
> I have no idea how your AP does MAC auth without 802.1X on an SSID which is configured for 802.1X.
> As I've said, go read the AP documentation. I don't run your APs. I am not your AP vendor. I can't answer this question.
> Is that finally clear?
I think you misunderstood something in the way.
In an earlier email I said I understood what you said that it is not possible to authenticate IoT devices that dont support 802.1x in a 802.1x SSID. There is no fallback like there is in wired.
So I asked what is the best practice to properly solve the issue where I need to authenticate IoT devices.
A separate SSID specificaly for them right? In this new SSID I could use macauth, but macauth only is insecure because mac can be spoofed.
An earlier user said something about Cisco IPSK, does someone have an idea how I can configure this in the virtual cisco wireless controller together with freeradius?
More information about the Freeradius-Users
mailing list