10-03-2007 11:34 PM - edited 07-03-2021 02:43 PM
Hello.
I'm using PEAP to authenticate wireless client: machine authentication only.
For W2000 client only, when systems start these are successfully authenticated using the computer account; after some seconds a re-key entry can be founded on ACS report with the same computer account or user account if they're making login.
Andrea.
10-10-2007 07:22 AM
Andrea,
The 'Re-Key OK' message on ACS means that Cisco-Aironet-Session-Timeout has occured. Hence, the session (dynamic) keys need to be re-established.
This message appears because of the dynamic WEP key configured for authentication
reasons.
To increase this, please go to
'Security' -> 'Encryption Manager' on the AP
Over there under 'Global Properties'
Broadcast Key Rotation Interval:
check Enable Rotation with Interval and enter a value as needed.
Similarly, this value should be same on the ACS RADIUS(IETF) 27 attribute.
Regards,
~JG
10-14-2007 10:11 PM
Hello and many thanks for your help.
I'm using CiscoSecure ACS to configure [5842\001] Cisco-Aironet-Session-Timeout to the same value of [027] Session-Timeout.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: