Solved: Re: Wireless deployment

eng_mahmood48_ · ‎01-01-2012

I have the below queries for wirless deployment in IC;

1- what are the steps in which the wireless user pass through from the first connection to the wireless AP to the final step in IC authentication?

2- what is the required configuration in wireless controlleres?

3- what is the required configuration in the IC for the wireless?

Thanks

Raveen_ · ‎01-05-2012

Hi,

1. Steps involved in Wireless authentication:

a. Supplicant probes to identify the APs

b. 802.11 association

c. EAPOL transactions happens to perform dot1x authentication for user/Machine.

d. Based on the credentials supplied, radius server will send either accept/reject.

2. Basic configuration in AP/WLC:

a. Enable Dot1x

b. Add radius server

3.Basic configuration in IC:

a. Add WLC as radius client

b. Add location group and bind sign-in URL

c. Have the authentication protocol set configured with required EAP methods.

d.Appropriate auth server, realm and role configurations

Regards,

Raveen

Note: You could mark this post as 'accepted solution' if this answers your question that way it might help others as well, a kudo would be a bonus thanks!

View solution in original post

apaul_ · ‎01-02-2012

Hi,

I think , UAC Quick Start Guide should be a good reference on your below questions.

http://www.juniper.net/techpubs/software/uac/4.1xguides/j-ic-uac-4.1-quickstart.pdf

Refer CHAPTER 4, that is Configuring 802.1X Enforcement

This chapter deals with 802.1X configurations.
UAC deployments that use 802.1X-enabled wired switches or wireless access points.

Thanks

eng_mahmood48_ · ‎01-02-2012

Hi

but it dont refer to the wireless controllers configuration part. and there are no description about the wireless connection process.

Thanks

Raveen_ · ‎01-05-2012

Hi,

1. Steps involved in Wireless authentication:

a. Supplicant probes to identify the APs

b. 802.11 association

c. EAPOL transactions happens to perform dot1x authentication for user/Machine.

d. Based on the credentials supplied, radius server will send either accept/reject.

2. Basic configuration in AP/WLC:

a. Enable Dot1x

b. Add radius server

3.Basic configuration in IC:

a. Add WLC as radius client

b. Add location group and bind sign-in URL

c. Have the authentication protocol set configured with required EAP methods.

d.Appropriate auth server, realm and role configurations

Regards,

Raveen

Note: You could mark this post as 'accepted solution' if this answers your question that way it might help others as well, a kudo would be a bonus thanks!

eng_mahmood48_ · ‎01-06-2012

Hi Raveen

is it required to add the wireless SSIDs either to the IC Role configuration or to the agent software?

or it will work whatever was the SSID you connect from (of course the SSIDs will be defined in the WC or AP)?

Thanks

apaul_ · ‎01-08-2012

There is no default SSID validation in the role at the IC, hence there is no mandatory SSID configuration requirement at IC.

OAC need to be configured with the wireless network details including SSID name, Association method, Encryption methods etc for wireless network attachment, OAC also allows you to SCAN for available networks.

Hope that helps.