Hi all,
we have a XGS116 in place and 5 APX320 and two APX120 in our environment. As our company will definitely fall under NIS2 directive I am currently testing how to secure our internal network. We already use NPS with internal CA and all AD user and Windows computer have certificates. For WPA2-Enterprise Wifi we already use 802.1x for authentication.
Now I tested 802.1x on the access switches so we could use this wit all wired clients like desktop and laptop (via dock), printers and IP-phones. All our APX are connected via standard wall sockets to the access switches. Of course this is a separate VLAN but still a possible attack point. I did not see any setting that allows any kind of 802.1x authentication for the AP.
In detail I am missing an option to set an authentication for the APX to use with our NPS/RADIUS. The only possible way I see right now is a MCA based access list limited to only the one MAC address learned on the APX network port.
So, there is no EAP-TLS setting for the APX?
Added TAGs
[edited by: Raphael Alganes at 5:56 AM (GMT -7) on 18 Mar 2024]
