Not authenticating to wireless

Unanswered Question
Sep 23rd, 2008

I have been banging my head against the wall for days now on this.

We have 2 identical 1100 APs (I copied the config from one to the other changing names and IP address)

They plug into different 3COM switches (both switches are configured the same).

I have 3 secured SSIDs on the APs and one SSID that is not secure (unbroadcasted). On one AP I can login and I wil go right through radius and authenticate. If I log in and are using the other AP I get "cant find certificate" error. I am going nuts. Same AP configs, same switch configs, same laptop, same username and pwd to login to the laptop. But can't auth in one place over the other. I am going nuts!

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Scott Fella Tue, 09/23/2008 - 17:30

You either forgot to add the ap to the radius as a AAA client, or the shared secret is wrong. Verify that on the ap config that the radius server is defined correctly.

kcheneystm Tue, 09/23/2008 - 18:49

Thanks for the reply!

If you mean I didnt ad the AP to the IAS console as a RADIUS client - it's there.

I reset the shared secret also too.

How do you tell if the AP has the correct shared secret?

Scott Fella Tue, 09/23/2008 - 19:12

If the shared secret is wrong you will see an error on the IAS event viewer.

kcheneystm Wed, 09/24/2008 - 06:10

I am going with: Shared secret is right. I dont see anny errors in IAS.

Scott Fella Wed, 09/24/2008 - 12:04

You should see some kind of error. Since you are not, I would enter the info again.

kcheneystm Wed, 09/24/2008 - 15:21

I did a bit more testing today and I am thinking that the secret isn't the problem. I think the problem lies in the VLAN configuration.

I added an SSID with no security on it, added it to a VLAN. I connect fine to the AP but dont get an IP address from DHCP. I hard coded my IP from the scope I would have gotten one from. Can't ping anything. Seem like a VLAN config problem?

Scott Fella Wed, 09/24/2008 - 17:26

It is either the vlan is not being passed through the trunk port or to the other switch that leads to the layer 3 interface of that vlan.

kcheneystm Wed, 09/24/2008 - 19:56

That is where my knowledge ends. I dont know the diff between tagged and untagged - they are all 3com switches. researching now...


This Discussion