Forum

  • Hi,

    Is it possible to do both LEAP/EAP-FAST and MAC authentication? i.e. Have the client authenticate using LEAP or EAP-FAST first and then use the MAC address for MAC authentication.
    Essentially this will be two levels of authentication and is different from setting up MAC filtering(ACL's) on the AP.

    I know Cisco's AP has a config that allows both, but I think that this means either one or the other will be used but not both. IF the first suceeds, then it will not try the other method since the client is already authenticated at that point.

  • I haven't tested it personally, but I believe that it would require both EAP and MAC to authenticate successfully before allowing access.

    I assume this since there is an addition option for "open authentication" (on Cisco APs) for "with MAC and EAP" as well as "with MAC or EAP".

    So if you used the open method and selected "with MAC and EAP" then it should requrie both to gain access. Whereas using "with MAC or EAP" would allow one or the other.

    I would suggest testing it out just to make sure though. :)

Page 1 of 1
  • 1