I'm trying to set up a RADIUS server and PEAP on a CISCO ARI-AP1242AG-A-K9 and I am getting an Authentication failed message in the event log.
First I see RADIUS Server 10.209.128.61:1645,1646 is not responding.
Then I see RADIUS Server 10.209.128.61:1645,1646 has returned.
Then I get the "Station <MAC address> authentication failed" message.
The association tab shows the client state as "association processing"
The clients are a Silex MX-560 and a windows XP SP2 HP laptop with a intel PRO/Wireless 3945ABG internal network card.
I've been able to get the Silex to work using LEAP, but no luck at all on either with PEAP.
Can anyone help me?
PEAP makes it possible to authenticate wireless users without requiring them to have USER-Certificates, but we still require a ROOT Certificate.
Here are some more specific details about PEAP:
Extensible Authentication Protocol (PEAP) Version 2, which provides
an encrypted and authenticated tunnel based on transport layer
security (TLS) that encapsulates EAP authentication mechanisms.
PEAPv2 uses TLS to protect against rogue authenticators, protect
against various attacks on the confidentiality and integrity of the inner EAP method exchange and provide EAP peer identity privacy."
"As part of the TLS negotiation, the server presents a certificate to
the peer. The peer SHOULD verify the validity of the EAP server
certificate, and SHOULD also examine the EAP server name presented in
the certificate, in order to determine whether the EAP server can be
â¢PEAP uses server-side Public-Key Infrastructure (PKI)-based digital certification authentication.
â¢PEAP uses TLS to encrypt all user-sensitive authentication information.