ACS SE problem

akobwaycct
Level 1

Hi,

Can somebody fill me in on how to link the WLC 4402 to the Cisco ACS SE? I am trying to authenticate from the Windows AD. Having configured the Windows Remote Agent and the Windows Database, how do I make sure that the WLC can see the ACS?

If somebody has done a similar setup before, please give me detailed steps on how to go about it. I found the ACS to be very complicated.

8 Replies

segopala
Cisco Employee

Hi,

Do "debug aaa all enable".

If your WLC is communicating with the ACS server, you get the logs.

Hope this helps!

Seema

Where do I issue the command?

This is the output that I get when I run the debug aaa all enable command from the WLC, but I can't understand the output.

(Cisco Controller) >debug aaa all enable

(Cisco Controller) >

(Cisco Controller) >

(Cisco Controller) >

(Cisco Controller) >Mon Feb 26 09:37:16 2007: User admin authenticated

Mon Feb 26 09:37:16 2007: Returning AAA Error 'Success' (0) for mobile 00:00:00:57:00:00

Mon Feb 26 09:37:16 2007: AuthorizationResponse: 0x35906990

Mon Feb 26 09:37:16 2007: structureSize................................70

Mon Feb 26 09:37:16 2007: resultCode...................................0

Mon Feb 26 09:37:16 2007: protocolUsed.................................0x00000008

Mon Feb 26 09:37:16 2007: proxyState...................................00:00:00:57:00:00-00:00

Mon Feb 26 09:37:16 2007: Packet contains 2 AVPs:

Mon Feb 26 09:37:16 2007: AVP[01] Service-Type.............................0x00000006 (6) (4 bytes)

Mon Feb 26 09:37:16 2007: AVP[02] Airespace / WLAN-Identifier..............0x00000000 (0) (4 bytes)

Hi,

Looks like your WLC is not communicating with the ACS server.

Is the basic configuration to accept RADIUS requests configured on the ACS server?

Regards

Seema

That's where I am struggling. Maybe I am still trying to install certificates because I am using PEAP. Where do I get them?

This is the debug aaa all enable output that I get from my WLC 4402. Does it mean that it's now communicating with the ACS?

(Cisco Controller) >Tue Feb 27 10:38:30 2007: AccountingMessage Accounting Interim: 0x12dccbd8

Tue Feb 27 10:38:30 2007: Packet contains 16 AVPs:

Tue Feb 27 10:38:30 2007: AVP[01] User-Name................................0012f0325e83 (12 bytes)

Tue Feb 27 10:38:30 2007: AVP[02] Nas-Port.................................0x00000001 (1) (4 bytes)

Tue Feb 27 10:38:30 2007: AVP[03] Nas-Ip-Address...........................0x0a01100a (167841802) (4 bytes)

Tue Feb 27 10:38:30 2007: AVP[04] NAS-Identifier...........................Cisco_46:bf:23 (14 bytes)

Tue Feb 27 10:38:30 2007: AVP[05] Airespace / WLAN-Identifier..............0x00000001 (1) (4 bytes)

Tue Feb 27 10:38:30 2007: AVP[06] Acct-Session-Id..........................45e3f2cc/00:12:f0:32:5e:83/22 (29 bytes)

Tue Feb 27 10:38:30 2007: AVP[07] Acct-Authentic...........................0x00000003 (3) (4 bytes)

Tue Feb 27 10:38:30 2007: AVP[08] Acct-Status-Type.........................0x00000003 (3) (4 bytes)

Tue Feb 27 10:38:30 2007: AVP[09] Acct-Input-Octets........................0x001d9720 (1939232) (4 bytes)

Tue Feb 27 10:38:30 2007: AVP[10] Acct-Output-Octets.......................0x0057727e (5730942) (4 bytes)

Tue Feb 27 10:38:30 2007: AVP[11] Acct-Input-Packets.......................0x00002e64 (11876) (4 bytes)

Tue Feb 27 10:38:30 2007: AVP[12] Acct-Output-Packets......................0x000025b0 (9648) (4 bytes)

Tue Feb 27 10:38:30 2007: AVP[13] Acct-Session-Time........................0x0000175a (5978) (4 bytes)

Tue Feb 27 10:38:30 2007: AVP[14] Acct-Delay-Time..........................0x00000000 (0) (4 bytes)

Tue Feb 27 10:38:30 2007: AVP[15] Calling-Station-Id.......................10.1.16.119 (11 bytes)

Tue Feb 27 10:38:30 2007: AVP[16] Called-Station-Id........................10.1.16.10 (10 bytes)

Tue Feb 27 10:38:59 2007: AccountingMessage Accounting Interim: 0x12dd8208

Tue Feb 27 10:38:59 2007: Packet contains 16 AVPs:

Tue Feb 27 10:38:59 2007: AVP[01] User-Name................................00166f9d29bc (12 bytes)

Tue Feb 27 10:38:59 2007: AVP[02] Nas-Port.................................0x00000001 (1) (4 bytes)

Tue Feb 27 10:38:59 2007: AVP[03] Nas-Ip-Address...........................0x0a01100a (167841802) (4 bytes)

Tue Feb 27 10:38:59 2007: AVP[04] NAS-Identifier...........................Cisco_46:bf:23 (14 bytes)

Tue Feb 27 10:38:59 2007: AVP[05] Airespace / WLAN-Identifier..............0x00000001 (1) (4 bytes)

Tue Feb 27 10:38:59 2007: AVP[06] Acct-Session-Id..........................45e40174/00:16:6f:9d:29:bc/25 (29 bytes)

Tue Feb 27 10:38:59 2007: AVP[07] Acct-Authentic......................
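
To make the debug aaa all enable output above easier to read, the following Python script (an added example, not part of the original thread and not Cisco code) groups each AVP line under the message header it follows and decodes the numeric values with their RFC 2865/2866 names. The regular expressions and function names are assumptions fitted to the lines shown in this thread, and SAMPLE is constructed from those lines with the wrapped halves rejoined.

```python
import ipaddress
import re

# Constructed sample: lines taken from the debug output posted in this thread,
# with the terminal's wrapped halves rejoined and most AVPs left out.
SAMPLE = """\
(Cisco Controller) >Mon Feb 26 09:37:16 2007: User admin authenticated
Mon Feb 26 09:37:16 2007: AuthorizationResponse: 0x35906990
Mon Feb 26 09:37:16 2007: AVP[01] Service-Type.....0x00000006 (6) (4 bytes)
Mon Feb 26 09:37:16 2007: AVP[02] Airespace / WLAN-Identifier.....0x00000000 (0) (4 bytes)
Tue Feb 27 10:38:30 2007: AccountingMessage Accounting Interim: 0x12dccbd8
Tue Feb 27 10:38:30 2007: AVP[01] User-Name.....0012f0325e83 (12 bytes)
Tue Feb 27 10:38:30 2007: AVP[03] Nas-Ip-Address.....0x0a01100a (167841802) (4 bytes)
Tue Feb 27 10:38:30 2007: AVP[07] Acct-Authentic.....0x00000003 (3) (4 bytes)
Tue Feb 27 10:38:30 2007: AVP[08] Acct-Status-Type.....0x00000003 (3) (4 bytes)
"""

# Value names from RFC 2865 (Service-Type) and RFC 2866 (accounting attributes).
ENUMS = {
    "Service-Type": {1: "Login", 2: "Framed", 6: "Administrative"},
    "Acct-Status-Type": {1: "Start", 2: "Stop", 3: "Interim-Update"},
    "Acct-Authentic": {1: "RADIUS", 2: "Local", 3: "Remote"},
}

# Assumed line shapes, fitted to the output in this thread.
STAMP = re.compile(r"\w{3} \w{3} +\d+ \d\d:\d\d:\d\d \d{4}: (.*)$")
HEADER = re.compile(r"^(.+): 0x[0-9a-fA-F]+$")
AVP = re.compile(r"^AVP\[\d+\] (.+?)\.{2,}(\S+)(?: \((\d+)\))? \(\d+ bytes\)$")

def decode(name, raw, dec):
    """Turn a numeric AVP value into a readable one where the meaning is known."""
    if dec is not None and name == "Nas-Ip-Address":
        return str(ipaddress.IPv4Address(int(dec)))
    if dec is not None and name in ENUMS:
        return ENUMS[name].get(int(dec), raw)
    return raw

def parse(text):
    """Return a list of {'kind': header text, 'avps': {name: decoded value}}."""
    messages = []
    for line in text.splitlines():
        stamped = STAMP.search(line)  # search() skips a leading CLI prompt
        if not stamped:
            continue
        body = stamped.group(1)
        header, avp = HEADER.match(body), AVP.match(body)
        if header:
            messages.append({"kind": header.group(1), "avps": {}})
        elif avp and messages:
            name, raw, dec = avp.groups()
            messages[-1]["avps"][name] = decode(name, raw, dec)
    return messages
```

Run over the sample, the first message decodes to an AuthorizationResponse with Service-Type Administrative, and the second to an accounting Interim-Update whose Nas-Ip-Address is 10.1.16.10.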

Hey,

Check this link:

http://www.cisco.com/en/US/partner/tech/tk722/tk809/technologies_configuration_example09186a0080665d18.shtml

This should help you.

Can you send me

show radius summary

Have you configured the RADIUS server properly?

Let me know if you need more info.

Regards

Seema

Man, I really appreciate the help I am getting from you.

I found the document that you sent very helpful, but the example uses LEAP between the APs and the clients. In my case I chose to use PEAP because my wireless adapters only support EAP (PEAP), but of course my APs are Aironet 1242AGs, so I chose RADIUS IETF instead of RADIUS Aironet. Is that right?

Please see the show radius summary output:

(Cisco Controller) >

(Cisco Controller) >show radius summary

Vendor Id Backward Compatibility................. Disabled

Credentials Caching.............................. Enabled

Call Station Id Type............................. IP Address

Administrative Authentication via RADIUS......... Enabled

Keywrap.......................................... Disabled

Authentication Servers

Idx Type Server Address Port State Tout RFC3576 IPSec - AuthMode/Phase1/Group/Lifetime/Auth/Encr

--- ---- ---------------- ------ -------- ---- ------- ------------------------------------------------

1 NM 10.1.21.3 1812 Enabled 2 Enabled Disabled - none/unknown/group-0/0 none/none

Accounting Servers

Index Type Server Address Port State Tout RFC-3576 IPSec - AuthMode/Phase1/Group/Lifetime/Auth/Encr

----- ---- ---------------- ------ -------- ---- -------- ------------------------------------------------

(Cisco Controller) >
