Cisco Cisco IOS XE 3.5E Manuel Technique

Contributed by Surendra BG, Cisco TAC Engineer.
Oct 21, 2013

Introduction
Prerequisites
     Requirements
     Components Used
Configure
     Network Diagram
     Overview
     Configure WLC 5760/3850 with CLI
     Configure WLC 5760/3850 with GUI
     Configure ACS 5.2 (RADIUS Server)
Verify
Troubleshoot

This document explains how to configure the wireless LAN (WLAN) controller (WLC) for Extensible
Authentication Protocol (EAP)−Flexible Authentication via Secure Tunneling (FAST) authentication with the
use of an external RADIUS server. This configuration example uses the Cisco Secure Access Control Server
(ACS) as the external RADIUS server in order to authenticate the wireless client.

Cisco recommends that you have knowledge of these topics:

Basic knowledge of the configuration of lightweight access points (LAPs), Cisco 5760 Wireless LAN
Controller, and Cisco Catalyst 3850 Series Switch.

• 

Basic knowledge of Lightweight Access Point Protocol (LWAPP).

• 

Knowledge of how to configure an external RADIUS server, such as the Cisco Secure ACS 5.2. This
configuration example is for EAP−FAST.

• 

Functional knowledge on general EAP framework.

• 

Basic knowledge of security protocols, such as Microsoft Challenge Handshake Authentication
Protocol Version 2 (MS−CHAPv2) and EAP−Generic Token Card (EAP−GTC).

• 

Basic knowledge of digital certificates.

• 

The information in this document is based on these software and hardware versions: