cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
482
Views
0
Helpful
1
Replies

AP with MBSSID with only 1 SSID connecting?

srosenthal
Level 4
Level 4

I have an autonomous 1130AG configured with 3 SSID's on 3 vlan's.  The first SSID uses EAP-FAST, the second SSID uses LEAP and the third SSID uses WPA-PSK.  I am using the Cisco abg card with the Cisco ADU.  I have configured all three SSID's on the ADU but can only get a link on the WPA-PSK ssid.  When I select one of the first two SSID's, I do not even get a link to even try to authenticate.

Anyone have any idea's what might be going on?  I can see all of the SSID's when I use the scan feature of the ADU and have tried the same setup on two other AP's with know luck.  All three SSID's are configured with mbssid guess-mode.

Seth

1 Reply 1

srosenthal
Level 4
Level 4

I have reconfigured the AP to just one SSID using EAP-FAST and I still cannot even get a link on the ADU.  Here is the config from the AP.  I am seeing the SSID when I use the scan function of the ADU.

service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname 1130a
!
enable secret 5 $1$zx2l$SmmwKW13XmXdiQlbrJ/m//
!
aaa new-model
!
!
aaa group server radius rad_eap
!
aaa group server radius rad_mac
!
aaa group server radius rad_acct
!
aaa group server radius rad_admin
!
aaa group server tacacs+ tac_admin
!
aaa group server radius rad_pmip
!
aaa group server radius dummy
!
aaa group server radius rad_eap1
server 192.168.1.26 auth-port 1812 acct-port 1813
!
aaa authentication login eap_methods group rad_eap
aaa authentication login mac_methods local
aaa authentication login eap_methods1 group rad_eap1
aaa authorization exec default local
aaa accounting network acct_methods start-stop group rad_acct
!
aaa session-id common
!
!
!
dot11 ssid Lab03a
   authentication open eap eap_methods1
   authentication key-management wpa version 2
   guest-mode
   infrastructure-ssid optional
!
power inline negotiation prestandard source
!
!
username Cisco password 7 106D000A0618
!
bridge irb
!
!
interface Dot11Radio0
no ip address
no ip route-cache
!
encryption mode ciphers aes-ccm
!
ssid Lab03a
!
channel 2412
station-role root
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
bridge-group 1 spanning-disabled
!
interface Dot11Radio1
no ip address
no ip route-cache
shutdown
dfs band 3 block
channel dfs
station-role root
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
bridge-group 1 spanning-disabled
!
interface FastEthernet0
no ip address
no ip route-cache
duplex auto
speed auto
bridge-group 1
no bridge-group 1 source-learning
no bridge-group 1 source-learning
!
interface BVI1
ip address 172.23.20.20 255.255.255.0
no ip route-cache
!
ip http server
no ip http secure-server
ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag

ip radius source-interface BVI1
radius-server attribute 32 include-in-access-req format %h
radius-server host 192.168.1.26 auth-port 1812 acct-port 1813 key 7 060506324F41

radius-server vsa send accounting
bridge 1 route ip
!
!
!
line con 0
line vty 0 4
!
end

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: