RADIUS setup for 4402 controller

Unanswered Question


I am working on setting up a new WLAN. We purchased a Cisco 4402 WLAN controller and several 1131AG access points. I have the access points set up and talking to the controller, but I can't get clients logged on.

For security I am using MS IAS Radius server running on a Win2003 server. I added the WLANC mgm interface as a a client on the IAS Radius server. I've verified that the shared secret is entered correctly.

On the 4402 I entered the IAS Radius server IP address under the RADIUS Athentication tab. I entered the shared secret and set it to ASCII. I enabled server status and RFC 3576 support and network user and management. Server time out is 2 seconds.

For the WLAN layer 2 security is set to 802.1x and WEP is set to 104 bits. Layer 3 security is none. The RADIUS server with the appropriate port is entered under AAA Servers tab. Local EAP is not enabled.

I am totally new to WLAN config so I am certain I've misconfigured something somewhere but I've no idea what.

Any help greatly appreciated.


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
gudmundurk Tue, 04/08/2008 - 09:42
User Badges:

Are you using the service-port ?

Then the radius requests would originate from the Service-port interface.

have you routed the IP address of the IAS and can ping it from the controller ?

Could you check the event log on the Win2003 server and see if the IAS is giving any errors ?

jordanperks Tue, 04/08/2008 - 10:39
User Badges:

I will doing this same setup in a few weeks and am curoius as to what the outcome is.

I am not using the service port.

Its a single LAN so the WLAN controller and the RADIUS server are on the same subnet. Yes, I can ping from the WLANC to the RADIUS server.

I saw one error message in the W2k3 log but that was early this morning. No entries since.

For now I've configured the WLAN to use WPA+WPA2 w/PSK. That got us working.

Thanks for the reply.

Scott Fella Wed, 04/09/2008 - 18:00
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    The Hall of Fame designation is a lifetime achievement award based on significant overall achievements in the community. 

  • Cisco Designated VIP,

    2017 Wireless

What encryption method are you trying to use. If you are trying to setup PEAP using IAS, you first need to have a certificate installed on the IAS server. Then you need to setup the WLC as a readius client which you already did. Now you need to create a remote access policy for the wireless users and then configure the client.


This Discussion



Trending Topics - Security & Network