Dual client authentication problem in AP1200

Unanswered Question
Aug 9th, 2007
User Badges:


Hello,

I have got an AP1200 with EAP-TLS authentication. I would need to associate a new non EAP authentication device. It supports WEP or MAC authentication. I read that I can only use MAC with EAP-TLS, but I have tried to configure it by adding:


username aaaabbbbcccc password 0 aaaabbbbcccc


username aaaabbbbcccc autocommand exit


aaa authentication login 701 local


dot11 association mac-list 701


dot11 ssid myssid

authentication open mac-address 701 alternate eap eap_methods

authentication key-management wpa

guest-mode


access-list 701 permit aaaa.bbbb.cccc 0000.0000.0000

access-list 701 deny 0000.0000.0000 ffff.ffff.ffff


.....but It does not work. I get the following error:


dot11_auth_send_msg: client FAILED to authenticate aaaa.bbbb.cccc, node_type 64 for application 0x1


dot11_auth_delete_client_entry: aaaa.bbbb.cccc is deleted for application 0x1


%DOT11-7-AUTH_FAILED: Station aaaa.bbbb.cccc Authentication failed



Could you help me, please?



Thanks a lot for your help


Juan Manuel




  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
didyap Thu, 08/16/2007 - 06:33
User Badges:
  • Silver, 250 points or more

Try a standard access list and have configuration . Just have this configuration access-list 701 permit aaaa.bbbb.cccc

jmcandelera Fri, 08/17/2007 - 04:59
User Badges:

Hello,


I have tried again the same configuration but this time I configured one ACL entry instead of two (I deleted : access-list 701 deny 0000.0000.0000 ffff.ffff.ffff). Unfortunately I does not work yet.


AP1200 has got the following IOS:


c1200-k9w7-mx.123-4.JA


Perhaps it could be a version problem, could not it?



I have included a debug file.


Thanks for your help


Juan Manuel




Actions

This Discussion

 

 

Trending Topics - Security & Network