Dual client authentication problem in AP1200

Unanswered Question
Aug 9th, 2007
User Badges:


I have got an AP1200 with EAP-TLS authentication. I would need to associate a new non EAP authentication device. It supports WEP or MAC authentication. I read that I can only use MAC with EAP-TLS, but I have tried to configure it by adding:

username aaaabbbbcccc password 0 aaaabbbbcccc

username aaaabbbbcccc autocommand exit

aaa authentication login 701 local

dot11 association mac-list 701

dot11 ssid myssid

authentication open mac-address 701 alternate eap eap_methods

authentication key-management wpa


access-list 701 permit aaaa.bbbb.cccc 0000.0000.0000

access-list 701 deny 0000.0000.0000 ffff.ffff.ffff

.....but It does not work. I get the following error:

dot11_auth_send_msg: client FAILED to authenticate aaaa.bbbb.cccc, node_type 64 for application 0x1

dot11_auth_delete_client_entry: aaaa.bbbb.cccc is deleted for application 0x1

%DOT11-7-AUTH_FAILED: Station aaaa.bbbb.cccc Authentication failed

Could you help me, please?

Thanks a lot for your help

Juan Manuel

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
didyap Thu, 08/16/2007 - 06:33
User Badges:
  • Silver, 250 points or more

Try a standard access list and have configuration . Just have this configuration access-list 701 permit aaaa.bbbb.cccc

jmcandelera Fri, 08/17/2007 - 04:59
User Badges:


I have tried again the same configuration but this time I configured one ACL entry instead of two (I deleted : access-list 701 deny 0000.0000.0000 ffff.ffff.ffff). Unfortunately I does not work yet.

AP1200 has got the following IOS:


Perhaps it could be a version problem, could not it?

I have included a debug file.

Thanks for your help

Juan Manuel


This Discussion



Trending Topics - Security & Network