I'm trying to configure the controller to allow clients to connect via WPA/TKIP w/ 802.1x through steel belted radius. I created a wlan with WPA/TKIP and 802.1x and also added my external raidus server on there. The radius server checks with an external ldap server to verify user names and pws. I have it set to use peap and ms-chap v2. I believe I configured my client correctly as well. When I try to a authenticate on an intel 1200 or 3945 it does not work.
I checked the logs and the radius server is passing ldap auth success to the controller. The logs from the controller state:
Jun 18 15:37:38 cont-01**** CONT-01: *Jun 18 15:37:58.545: %DOT1X-3-AUTHKEY_TX_TRANS_ERR: 1x_kxsm.c:128 Authentication state transition to state 0 failed; port status 0, key available 1, key tx enabled 1
I tried doing an open ssid and I can connect, i tried wpa/wpa2 psk and I can connect. I only have issues when using 802.1x. I need to find a way to have users connect to the wireless to authenticate through radius/ldap. I went through a lot of configs and cisco docs and can't figure out if I'm missing something. I opened a TAC case and they said it's a vendor card issue. Any help would be greatly appreciated.