Buy or Renew
Buy or Renew
Cisco Virtual Engineer generative AI bot now active in Wireless Discussion Forum. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
996
Views
0
Helpful
6
Replies

authentication with rsa token failed

n.steffen
Level 1
Level 1

‎03-21-2007 01:01 PM - edited ‎07-03-2021 01:48 PM

hello everybody,

we installed a new wlc 4404 for wireless access.before we installed autonomus AP and with this all works fine!

the problem is with the client authentication.

old installation: Odyssey Client<>AP<>ACS<>RSA Server

new installation: Odyssey Client<>LWAP<>4404WLC<>ACS<>RSA Server

when i authenticate with the old installation: Peap starting with odyssey client , i enter response and i am open authenticated

when i authenticate with the new installation:Peap starting with odyssey client, i enter response i can not authenticate always the popup window for enter the response (passcode) comes up!

whats the problem?

its strange, when i autenticated with the old installation then i change to new installation i dosent must authenticate again and it works over the new installation. i recive a new ip from the WLC pool. when i start the pc new and i will authenticate with the new installation its doesent work.

thanks for a response

nik

Labels:
0 Helpful
6 Replies 6

ankbhasi
Cisco Employee
Cisco Employee

‎03-21-2007 11:46 PM

HI Nik,

I beleive in your new setup your controller can ping/reach ACS?

Regards,

Ankur

0 Helpful

n.steffen
Level 1
Level 1
In response to ankbhasi

‎03-22-2007 04:17 AM

Hi Ankur,

Yes i can ping the ACS from WLC

ACS Software v 3.3

WLC Software 4.0.206.0

Nik

0 Helpful

n.steffen
Level 1
Level 1
In response to n.steffen

‎03-22-2007 11:24 AM

Hello

new info from WLC authentication log:

Thu Mar 22 18:20:09 2007 [SECURITY] 1x_ptsm.c 407: MAX EAP retransmissions reached for mobile 00:18:de:a5:a4:ef

Thu Mar 22 18:20:06 2007 [SECURITY] 1x_bauth_sm.c 423: Backend Authentication SM: abortAuth: Authentication Aborted.

Thu Mar 22 18:19:59 2007 [SECURITY] 1x_ptsm.c 407: MAX EAP retransmissions reached for mobile 00:18:de:a5:a4:ef

Thu Mar 22 18:19:59 2007 Previous message occurred 2 times

Thu Mar 22 18:19:19 2007 [SECURITY] 1x_auth_pae.c 2448: Reached Max EAP-Identity Request retries (21) for STA 00:18:de:a5:a4:ef

Thu Mar 22 18:18:59 2007 [SECURITY] 1x_ptsm.c 407: MAX EAP retransmissions reached for mobile 00:18:de:a5:a4:ef

Thu Mar 22 18:18:59 2007 Previous message occurred 2 times

Thu Mar 22 18:18:51 2007 [SECURITY] aaa.c 661: Authentication succeeded for admin user 'admin'

Thu Mar 22 18:17:25 2007 [SECURITY] 1x_ptsm.c 407: MAX EAP retransmissions reached for mobile 00:18:de:a5:a4:ef

Thu Mar 22 18:16:45 2007 [SECURITY] 1x_auth_pae.c 2448: Reached Max EAP-Identity Request retries (21) for STA 00:18:de:a5:a4:ef

Thu Mar 22 18:16:32 2007 [SECURITY] aaa.c 661: Authentication succeeded for admin user 'admin'

Thu Mar 22 18:16:25 2007 [SECURITY] 1x_auth_pae.c 2448: Reached Max EAP-Identity Request retries (21) for STA 00:18:de:a5:a4:ef

0 Helpful

n.steffen
Level 1
Level 1
In response to n.steffen

‎03-27-2007 12:06 PM

the problem is solved. we changed the timmer setting on wlc...

0 Helpful

leon.mflai
Level 1
Level 1
In response to n.steffen

‎05-03-2007 09:38 PM

Hi, what setting, "timer" or "timmer"?

0 Helpful

shinkang.seo
Level 1
Level 1
In response to n.steffen

‎06-12-2007 09:38 PM

Hi, I am also facing your problem which is little bit different. We can use Wireless for few hours however it did not last for a long time. Some user can use 2~3hours but suddenly request re-authentication. I would like to know what I can refer to solve this. Could you advise?

Our infrastructure is the same as you.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card