Wireless Access

last person joined: 2 days ago 

Access network design for branch, remote, outdoor, and campus locations with HPE Aruba Networking access points and mobility controllers.
Back to discussions
Expand all | Collapse all

ClearPass Support of PMF 802.1X on Cisco WLC

This thread has been viewed 0 times

  • 1.  ClearPass Support of PMF 802.1X on Cisco WLC

    Posted Dec 20, 2016 08:45 PM

    Hi, I am looking for information if ClearPass supports PMF 802.1X coming from a Cisco WLC, ClearPass is running version 6.5. When Cisco WLC WPA+WPA2 AES, with PMF 802.1X enabled, the ClearPass server is not receving the request. Once normal 802.1X is selected, client authenticates without issue. authentication method is EAP-TLS not that this should make a difference.

     

    Thanks & Regards,

     

    Marc



  • 2.  RE: ClearPass Support of PMF 802.1X on Cisco WLC
    Best Answer

    EMPLOYEE
    Posted Dec 20, 2016 08:49 PM

    Management Frame Protection is between the client and the AP/controller. There is no involvement of the AAA server.



  • 3.  RE: ClearPass Support of PMF 802.1X on Cisco WLC

    EMPLOYEE
    Posted Dec 21, 2016 03:03 AM

    As a side-note, enabling 802.11w (management frame protection) has been reported to cause connectivity issues with some clients that show to not like the 11w extension in the wireless frames, which makes it hard to deploy in networks where you can't control all of your clients.

     

    Before you decide to enable 11w, do extensive testing with all types of clients that should be supported on your network.