Unified profile on a access point.

[Mhunter1993]

Can I use the user network profiles from my 6450 on the wireless network? I am trying to authenticate a user through an access point connected to a 802.1x port on my 6450 switch.
Is this configuration possible? or do I need to configure wireless network profiles on my access point?
Thanks.

[silvio]

no. If you activate in your wlan-client 802.1x (wpa2-enterprise) than the authenticator is the AP. You must config the same profile in you AP. You can use the same Radius-attribute for association the unp (f.e. filter-id).
regards
Silvio

[Mhunter1993]

Is there a way to link the User network profiles from the switch to the access point?
Also I seem to have problems with the mobile ports, the access point can't redirect users to other vlans.

[silvio]

no way . Without different vlans it will be difficult for you. With Instant AP (IAP) from Alcatel this is possible
If you have a limited count of wireless clients you can use mac-auth (at the switch) against an radius-server. This should work.
regards
Silvio

[Mhunter1993]

I have an Alcatel IAP 205, I'm trying to use the DHCP relay option in order to assign a vlan from the dhcp server (the switch 6450) yet It seems like something fails in the configuration.
Is there a way to assign a user to one of the vlans on the switch?
If there isn't, is there a way to use a distributed DHCP configuration to assign a different range of Ip address in the same vlans as the switch DHCP server?

[silvio]

I didn't fully understand your question. But your initial question was 802.1x against radius-server (for UNP at the switch).
With an IAP this will be the best way. your radius returns the attribut filter-id to the authenticator. If this is the switch than the filter-id = UNP. If this is the IAP you can associate a role depenting of your filter-id. There should also a possibility to associate with this a vlan (or direct filter-id to a vlan, you have to look for yourself). The switch needs only to accept the tagged packets (f.e. mobile tagging).
your Switch can act as ip-helper for clients in different vlans with one dhcp-server. But always in different vlans with different ip-ranges!
regards
Silvio

[Mhunter1993]

I have already configured the 802.1x on the access point and it completes the authentication with the radius server, the radius server sends the correct filter ID.
When using the access point as the dhcp server the configuration is easy, I configured the dhcp scoops and simply set the conditions for the dynamic vlan assignment on the access point and it worked.

Now the problem is I cant do that on the network, I need to use a centralized dhcp server and the access point must assign the clients to their corresponding vlan.
Thanks silvio.

[silvio]

great.
than you only need the ip-helper
have a nice weekend
Silvio