Intermittent wireless connection with 2 SSIDs

Unanswered Question

Hi,

I have been trying to set up an 877W with 2 SSIDs, one encrypted with WPA using the local radius server and the second completely open to allow guests Internet access.

Both the encrypted client and the open clients can connect and browse the internet, but the wireless connection to both is extremely intermittent, with pings to the 877W being regularly dropped.

Config is below, i would be extremely grateful for any feedback anybody could provide. Thanks in advance,

Chris

aaa group server radius rad_eap

server 172.20.22.1 auth-port 1812 acct-port 1813

!

aaa group server radius rad_mac

server 172.20.22.1 auth-port 1812 acct-port 1813

!

aaa group server radius rad_acct

!

aaa group server radius rad_admin

!

aaa group server tacacs+ tac_admin

!

aaa group server radius rad_pmip

!

aaa group server radius dummy

!

!

aaa authentication login local_authen local

aaa authentication login eap_methods group rad_eap

aaa authentication login mac_methods local

aaa authentication login eap_methods2 group rad_eap2

aaa authentication login eap_methods1 group rad_eap1

aaa authorization exec local_author local

aaa authorization ipmobile default group rad_pmip

aaa accounting network acct_methods start-stop group rad_acct

!

aaa session-id common

!!

!

interface Dot11Radio0

description $FW_INSIDE$

ip address 172.20.22.1 255.255.255.0

no ip redirects

no ip unreachables

no ip proxy-arp

ip nat inside

ip virtual-reassembly

ip route-cache flow

!

encryption vlan 4 mode ciphers tkip

!

ssid $ySC0m^^

vlan 4

authentication open eap eap_methods

authentication network-eap eap_methods

authentication key-management wpa

!

ssid syscomm

vlan 2

authentication open

guest-mode

!

speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0 54.0

station-role root

l2-filter bridge-group-acl

no cdp enable

!

interface Dot11Radio0.2

encapsulation dot1Q 2

ip address 172.20.23.1 255.255.255.0

no ip redirects

no ip unreachables

no ip proxy-arp

ip nat inside

ip virtual-reassembly

no cdp enable

!

interface Dot11Radio0.4

encapsulation dot1Q 4

ip address 172.20.24.1 255.255.255.0

no ip redirects

no ip unreachables

no ip proxy-arp

ip nat inside

ip virtual-reassembly

no cdp enable

!

interface Vlan1

ip address 172.20.21.1 255.255.255.0

ip access-group 104 in

no ip redirects

no ip unreachables

no ip proxy-arp

ip nat inside

ip virtual-reassembly

ip route-cache flow

ip tcp adjust-mss 1452

ip policy route-map CLEAR_DF

hold-queue 100 out

!

interface Dialer0

bandwidth 256

ip address negotiated

ip access-group 102 in

no ip redirects

no ip unreachables

no ip proxy-arp

ip inspect SDM_LOW out

ip nat outside

ip virtual-reassembly

encapsulation ppp

ip route-cache flow

ip tcp header-compression

dialer pool 1

dialer-group 1

no cdp enable

ppp authentication chap callin

ppp chap hostname

ppp chap password

ppp ipcp dns request

!

ip route 0.0.0.0 0.0.0.0 Dialer0

!

ip http server

ip http access-class 1

ip http authentication local

ip http secure-server

ip http timeout-policy idle 5 life 86400 requests 10000

ip nat inside source list nat1 interface Dialer0 overload

!

ip access-list extended nat1

permit ip 172.x.x.0 0.0.0.255 any

permit ip 172.x.x.0 0.0.0.255 any

permit ip 172.x.x.0 0.0.0.255 any

!

!

radius-server local

nas 172.20.22.1 key xxx

group fast

!

user syscomm

user david

!

radius-server attribute 32 include-in-access-req format %h

radius-server host 172.20.22.1 auth-port 1812 acct-port 1813 key xxx

radius-server vsa send accounting

!

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.

Actions

This Discussion

 

 

Trending Topics: Other Wireless Mobility

client could not be authenticated
Network Analysis Module (NAM) Products
Cisco 6500 nam
reason 440 driver failure
Cisco password cracker
Cisco Wireless mode