RADIUS setup for 4402 controller

Unanswered Question

Hi,


I am working on setting up a new WLAN. We purchased a Cisco 4402 WLAN controller and several 1131AG access points. I have the access points set up and talking to the controller, but I can't get clients logged on.


For security I am using MS IAS Radius server running on a Win2003 server. I added the WLANC mgm interface as a a client on the IAS Radius server. I've verified that the shared secret is entered correctly.


On the 4402 I entered the IAS Radius server IP address under the RADIUS Athentication tab. I entered the shared secret and set it to ASCII. I enabled server status and RFC 3576 support and network user and management. Server time out is 2 seconds.


For the WLAN layer 2 security is set to 802.1x and WEP is set to 104 bits. Layer 3 security is none. The RADIUS server with the appropriate port is entered under AAA Servers tab. Local EAP is not enabled.


I am totally new to WLAN config so I am certain I've misconfigured something somewhere but I've no idea what.


Any help greatly appreciated.


Thanks.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
gudmundurk Tue, 04/08/2008 - 09:42
User Badges:

Are you using the service-port ?


Then the radius requests would originate from the Service-port interface.


have you routed the IP address of the IAS and can ping it from the controller ?


Could you check the event log on the Win2003 server and see if the IAS is giving any errors ?


jordanperks Tue, 04/08/2008 - 10:39
User Badges:

I will doing this same setup in a few weeks and am curoius as to what the outcome is.

I am not using the service port.


Its a single LAN so the WLAN controller and the RADIUS server are on the same subnet. Yes, I can ping from the WLANC to the RADIUS server.


I saw one error message in the W2k3 log but that was early this morning. No entries since.


For now I've configured the WLAN to use WPA+WPA2 w/PSK. That got us working.


Thanks for the reply.

Scott Fella Wed, 04/09/2008 - 18:00
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    The Hall of Fame designation is a lifetime achievement award based on significant overall achievements in the community. 

  • Cisco Designated VIP,

    2017 Wireless

What encryption method are you trying to use. If you are trying to setup PEAP using IAS, you first need to have a certificate installed on the IAS server. Then you need to setup the WLC as a readius client which you already did. Now you need to create a remote access policy for the wireless users and then configure the client.

Actions

This Discussion

 

 

Trending Topics - Security & Network