cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
557
Views
5
Helpful
2
Replies

Microsoft IAS PEAP & WPA/TKIP

tpelley
Level 1
Level 1

I am trying to get the AP's that I manage to authenticate users against our Active Directory using Microsoft IAS. I have a combination of AP1231G and AP1131G units which have been configured to authenticate against the IAS server, but my auths are failing. The basics of the Configs are as follows:

AP's

aaa group server radius rad_eap

server 10.X.X.X auth-port 1812 acct-port 1813

dot11 ssid test

authentication open eap eap_methods

authentication network-eap eap_methods

authentication key-management wpa

radius-server attribute 32 include-in-access-req format %h

radius-server host 10.3.24.16 auth-port 1812 acct-port 1813

radius-server vsa send accounting

The IAS is configured for PEAP/MS-CHAPv2

Ant thoughts on why my Auths are failing?

2 Replies 2

andrew.brazier
Level 4
Level 4

Could be all sorts of things : ) What errors are there in the AP logs? In the EV on the server running IAS? How is your certificate configured and deployed?

A really good tool for configuring this setup on a Windows network is the Microsoft WLAN-PEAP Toolkit available from here:

http://go.microsoft.com/fwlink/?linkid=23481

It's got some very good scripts which do almost all the configuration you need for IAS, Cert Authority, etc, etc and some very good documentation on setting it all up and configuring it.

Thanks, Some really helpful info here. I tracked the problem down to a Remote Access Policy that was just a bit too narrow in scope and corrected the issue. Everything is working now.

Thanks for the info.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: