Cisco Cisco Aironet 1522 Lightweight Outdoor Mesh Access Point Guía De Diseño

For additional configuration details on Cisco ACS servers, see the following:

(Windows)

(UNIX)

Add MAC addresses of mesh access point that are authorized and authenticated by external RADIUS 
servers to the user list of that server prior to enabling RADIUS authentication for a mesh access point.

For remote authorization and authentication, EAP-FAST uses the manufacturer’s certificate (CERT) to 
authenticate the child mesh access point. Additionally, this manufacturer certificate-based identity 
serves as the username for the mesh access point in user validation.

For Cisco IOS-based mesh access points, in addition to adding the MAC address to the user list, you need 
to enter the platform_name_string–MAC_address string to the user list (for example, 
c1240-001122334455). The controller first sends the MAC address as the username; if this first attempt 
fails, then the controller sends the platform_name_string–MAC_address string as the username.

For each mesh access point, two entries must be added to the RADIUS server, the 
platform_name_string-MAC_address string, then a hyphen or a colon delimited MAC Address. For 
example:

platform_name_string-MAC_address

User: c1520-aabbccddeeff

Password: cisco

Hyphen Delimited MAC Address

User: aa-bb-cc-dd-ee-ff

Password: cisco

Colon Delimited MAC Address

User: aa:bb:cc:dd:ee:ff

Password: cisco

The platform AP1552 uses a platform name of c1520.

To enable external authentication for a mesh access point using the GUI, follow these steps: