Wireless - Wireless LAN Controller


When implementing security on a [WLC](/wireless-troubleshooting-wireless-clients-on-a-wlc) using IEEE 802.1x and an [AAA](/aaa) server for passwordless access, it is possible to use multiple AAA servers for this purpose.

Windows Active Directory is one option, but it is not the only option to use 802.1x and password-less access. You can use various other platforms that leverage the RADIUS protocol including freeRADIUS , Cisco ISE, TACACS+, and Aruba ClearPass to name a few. These servers can integrate with various directory services, not just Active Directory.

The key is to have a server that supports EAP-TLS, which is the protocol used for certificate-based authentication in 802.1x. This allows the server to validate the client’s certificate to provide password-less access.

So, you have several options to choose from depending on your network infrastructure, budget, and specific requirements.

Links:

https://forum.networklessons.com/t/peap-and-eap-tls-on-server-2008-and-cisco-wlc/1036/136?u=lagapides

https://networklessons.com/uncategorized/peap-and-eap-tls-on-server-2008-and-cisco-wlc/



Security - 802.1x with WLC and AAA server

STP - RSTP proposal-agreement process

STP - RSTP while timer

STP - Root Link Query (RLQ) BPDU

STP - Shortest Path Bridging (SPB)

STP - Time to select root bridge

STP - Topology Change Acknowledgement (TCA)

STP - UplinkFast and reconvergence

STP - UplinkFast and root port delay timer

STP - UplinkFast

STP - bridge priority

STP - connecting one port to another port on the same switch

STP - determining the blocked port using port ID

STP - port identification

STP - port roles

STP - port states

STP - spanning-tree root primary command

STP - what bridge ID does the MST region use

STP - what is a topology change

STP BPDU Filter

STP BPDU Guard

STP BPDU Types

STP BPDU destination MAC address

STP Cost Calculation Methods

STP Loop Guard

STP Max Age

STP Message Age

STP PortFast

STP Portfast Options

STP Root Bridge selection

STP Root Guard

STP Topology Change (TC) flag

STP Topology Change Timer

STP UDLD and Autonegotiation

STP UDLD

STP bridge priority values

STP changing link cost

STP configuring on EtherChannel

STP configuring portfast

STP contents of a BPDU

STP cost long mode

STP cost short mode

STP determining blocked port using cost

STP direct vs indirect link failure

STP fine tuning the spanning tree protocol

STP how a switch identifies a BPDU

STP how to find the root bridge

STP interface type

STP prio nbr value

STP topology change process

Security - AAA for RESTCONF

Security - Best Practices for Repurposing Network Devices

Security - Cisco AnyConnect Secure Mobility Client

Security - Cisco Secure Client

Security - Cisco VPN Client

Security - Cisco VPN client software

Security - Diffie-Hellman groups

Security - Extensible Authentication Protocol over LAN (EAPOL)

Security - GETVPN

Security - IEEE 802.1X

Security - IOS Usernames and Passwords

Security - IPsec nonce

Security - Kerberos

Security - MAC Authentication Bypass

Security - Network Access Control (NAC)

Security - Next Generation Firewall

Security - Secure Unique Device Identifier (SUDI)

Security - WPA 4-way handshake

Security - WebVPN

Security - accessing VTY from another VRF

Security - assigning privilege levels, syntax and behavior

Security - bogons

Security - broadcast-multicast storm

Security - configuring TACACS from another VRF

Security - privilege levels and command output

Security - privilege levels and enable keyword

Security - public key exchange

Security - root CAs and private keys

Security - spoofing

Security - storm control algorithm

Security IKE policy hash command

Security Trusted Platform Module (TPM)

Security aaa new-model

Security authentication on VTY lines

Security keyrings

Segment Routing

Serial Interface default broadcast address

Session Border Controller

Session Initiation Protocol

Show open TCP-UDP ports on Cisco router

Spanning Tree Protocol (STP)

Spine and leaf architecture - connections to leaf switches

Spine and leaf architecture - connections to spine switches

Spine and leaf architecture - reducing latency

Split-horizon

StackWise Virtual

Stackwise election process

Stackwise user priority

Subscriber templating

Summarization

Security - 802.1x with WLC and AAA server

Links to this page: