Question about 802.1x port based authentication and Zyxel APs

Is there a way to use a Zyxel ap as a 802.1x supplicant IE, the AP joins as a client and then the Wifi networks that are shared from the AP would have their own security IE WPA2, clients that join a wifi SSID get authenticated to the port based off the AP's authentication to the port?

I'll also say this incase someone else has a better idea: Outside of physical security I'm just looking for a way to prevent someone from ripping off an outdoor AP and connecting to the switch / all trunked vlans.

All Replies

  • Zyxel_Judy
    Zyxel_Judy Posts: 916  Zyxel Employee
    First Anniversary 10 Comments Friend Collector First Answer

    Hi @Tazman ,

    Zyxel APs do not support acting as 802.1x supplicants in the way you've described. The APs can authenticate clients using 802.1x, but they themselves cannot authenticate to the network in this way.

    Regarding your scenario and your concern about physical security, to mitigate this risk, you could consider the methods below:

    Method 1: Configuration on AP

    You can refer to establishing the Smart mesh (as the wireless connection mechanism to Zyxel AP connects to another Zyxel AP) for your network, so there is no Ethernet cable outdoor.

    Method 2: Configuration on firewall

    You can refer to Captive portal feature. When opening the browser and trying to surf the internet, client will be redirected to the login page and must verify the authentication to access the network and use internet services.

    Be a Community MVP: Win a VIP Deal Dash on Your Next Zyxel Purchase!