1130AG Won't Hold Time And Date After A Reload

Unanswered Question
Jun 22nd, 2009
User Badges:

Hello - I am currently deploying 1130AG standalone access points to all my locations. I am having trouble getting them to consistantly authenticate against AD using RADIUS and PEAP. I have noticed that all the access points revert back to a date in 2001 or 2002 after every reboot. So, first, after I issue the clock set command and fix the time and save it, how do I get it to hold that after a reboot. And second, could the time/date mismatch be causing a problem with authentication? Here is a typical config that I am using:


no service pad

service timestamps debug datetime msec

service timestamps log datetime msec

service password-encryption

!

hostname S064AP

!

enable secret XX

!

aaa new-model

!

!

aaa group server radius rad_eap

server 10.0.64.10 auth-port 1645 acct-port 1646

!

aaa group server radius rad_mac

!

aaa group server radius rad_acct

!

aaa group server radius rad_admin

!

aaa group server tacacs+ tac_admin

!

aaa group server radius rad_pmip

!

aaa group server radius dummy

!

aaa authentication login eap_methods group rad_eap

aaa authentication login mac_methods local

aaa authorization exec default local

aaa accounting network acct_methods start-stop group rad_acct

!

aaa session-id common

ip name-server 10.0.64.10

!

!

!

dot11 ssid S064WLAN

authentication open eap eap_methods

authentication network-eap eap_methods

authentication key-management wpa

guest-mode

infrastructure-ssid optional

!

power inline negotiation prestandard source

!

!

username admin password XX

username Cisco privilege 15 password XX

!

bridge irb

!

!

interface Dot11Radio0

no ip address

no ip route-cache

!

encryption mode ciphers tkip

!

ssid S064WLAN

!

station-role root

bridge-group 1

bridge-group 1 subscriber-loop-control

bridge-group 1 block-unknown-source

no bridge-group 1 source-learning

no bridge-group 1 unicast-flooding

bridge-group 1 spanning-disabled

!

interface Dot11Radio1

no ip address

no ip route-cache

shutdown

dfs band 3 block

channel dfs

station-role root

bridge-group 1

bridge-group 1 subscriber-loop-control

bridge-group 1 block-unknown-source

no bridge-group 1 source-learning

no bridge-group 1 unicast-flooding

bridge-group 1 spanning-disabled

!

interface FastEthernet0

no ip address

no ip route-cache

duplex auto

speed auto

bridge-group 1

no bridge-group 1 source-learning

bridge-group 1 spanning-disabled

!

interface BVI1

ip address 10.0.64.205 255.255.255.0

no ip route-cache

!

ip default-gateway 10.0.64.1

ip http server

no ip http secure-server

ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag

ip radius source-interface BVI1

snmp-server community XX RW

radius-server host 10.0.64.10 auth-port 1645 acct-port 1646 key XX

bridge 1 route ip

!

!

!

line con 0

line vty 0 4

!

end


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Leo Laohoo Mon, 06/22/2009 - 14:43
User Badges:
  • Super Gold, 25000 points or more
  • Hall of Fame,

    The Hall of Fame designation is a lifetime achievement award based on significant overall achievements in the community. 

  • Cisco Designated VIP,

    2017 LAN, Wireless

You can enable SNTP to synchronize your clock.


Command: sntp server

Actions

This Discussion