This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

XIQ - How can I enable wired 802.1x port authentication

XIQ - How can I enable wired 802.1x port authentication

Go to solution
StephanH
Valued Contributor III

‎01-25-2021 10:08 PM

Hello,

how can I enable wired 802.1x authentication for an XIQ AP so that the AP authenticate on a switch port?

Regards Stephan
0 Kudos
1 ACCEPTED SOLUTION

Go to solution
reinhardg
Contributor II

‎01-28-2021 12:10 PM

Hello Stephan,

yes, with the GUI of XIQ it is not possible to configure 802.1x.

With the CLI PEAP is the default. MD5, TLS and TTLS is also possible, i.e.: supplicant name_of_supplicant eap-type md5 (https://docs.aerohive.com/330000/docs/help/english/ng/Content/reference/docs/cli-reference-guides.ht...)

I’ve requested an according FR at my sales engineer some months ago, but didn’t get an answer, yet.

Our production env is still under HM Classic. We are testing XIQ so that we can decide whether to migrate or replace all that stuff with HW of a vendor that has better support (or should I say: Support at all?)

View solution in original post

0 Kudos
18 REPLIES 18

Go to solution
reinhardg
Contributor II

‎01-28-2021 08:41 AM

Please have a look onto this topic:

 

0 Kudos

Go to solution
StephanH
Valued Contributor III

‎01-27-2021 08:57 PM

Hello Sam.

yes that’s correct. But as I mentioned above we are used to configuring the AP with the suiteable cred.

On Identifi Wireless for example we have to add username and password for PEAP or if we use EAP-TLS we have to add a certificate to the AP. 

In the mention scenario the XIQ AP is the supplicant, the switch is the authenticator and the third part is a radius server (for example a Microsoft NPS, A3 or Extreme Control).

If there is no config necessary on the XIQ AP, how does the AP determain if he has to use PEAP or EAP-TLS and where can we configure username and password for PEAP?

Here is a link to the corresponding configuration on Identifi:

https://documentation.extremenetworks.com/Wireless/UG/Wireless/User_Guide/t_setting_up_802_1x_authen...

Regards Stephan
0 Kudos

Go to solution
SamPirok
Community Manager Community Manager
Community Manager

‎01-27-2021 08:38 PM

Hey guys, I ran this past our XIQ support team and they confirmed you don’t need any settings on the AP for this, it would all be set up on the switch ports. Just to make sure I’m understanding correctly, we’re talking about setting up port authentication on the switch port that the AP is plugging in to, correct? 

0 Kudos

Go to solution
StephanH
Valued Contributor III

‎01-27-2021 06:55 PM

Oops wrong button. The question has not been answered yet.

 

Regards Stephan
0 Kudos

Go to solution
CWurm
Contributor

‎01-27-2021 05:59 PM

Probably that needs to be set through a supplemental CLI command 🙂 Maybe someone of Extreme (or former Aerohive) could help with pointing us in the right direction.

I would be surprised if the XIQ APs could not do that on their ethernet ports...

 

Kind regards

Christian

0 Kudos
GTM-P2G8KFN