Warning message

  • Cisco Support Forums is in Read Only mode while the site is being migrated.
  • Cisco Support Forums is in Read Only mode while the site is being migrated.

LEAP working with aironet AP 350 not on AP1100

Unanswered Question
Feb 18th, 2003
User Badges:

After struggeling a while with this, reading docs over and over I'm not geting there.

We're actively using LEAP on an aironet AP 350, aironet PCMCIA 350 and TACACS+ 3.0.Now we want to use the Aironet 1120B AP with same server & adapters in the same leap configuration. This although seems to a though thing to do. I've upgrage the clients firmware to the latest, installed the newest version of ACU, but no luck. When I use open authentication, communication is succesfull, when I select network-EAP authentication nothing seem to happen & nothing is logged or shown when debugged. Looks like no radio communication happens at all.

Could someone provide me an example of a working configuration with leap, or advise me something how to make this work.

Thanks a lot


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 1 (2 ratings)
hvd Wed, 02/19/2003 - 04:15
User Badges:

David, thanks for your reply,

I forgot to mention that my access points are indeed configured for radius, and administration is validated through the tacacs servers using radius.

I've sniffed the network and radius packets when I telnet to the ap are sent & returned to/from the radius server. But nothing passes when a client wants to associate with the ap.

My 350 ap's are working fine with this server, so I doubt that the problem is in this area, I'm more thinking that something's not working between client & ap, since the ap doesn't report a thing.

I'm running ios 12.2(4) on the ap, it's a brand new ap since last week.

This is my config, maybe it gives you an idea ?

version 12.2

no service pad

service timestamps debug datetime

service timestamps log datetime

service password-encryption


hostname ap-test


aaa new-model


aaa authentication login default group radius

aaa authentication login eap_methods group radius

aaa authentication login mac_methods local

aaa authentication login pmip_methods group radius

aaa authorization ipmobile default group radius

aaa authorization network default group radius

aaa authorization network eap_methods group radius

aaa accounting network acct_methods start-stop group radius

aaa accounting network eap_methods start-stop group radius

aaa session-id common

enable secret 5 $xxxx

enable password 7 xxxxx


clock timezone STD 1

clock summer-time DST recurring last Sun Mar 2:00 last Sun Oct 2:00

ip subnet-zero

no ip source-route

ip domain-name intranet.network.be

ip name-server


ip ssh time-out 120

ip ssh authentication-retries 3

dot11 holdoff-time 600


bridge irb


interface Dot11Radio0

no ip address

no ip route-cache

encryption mode wep mandatory


ssid WLan/Intranet

vlan 1

authentication open

authentication network-eap eap_methods



speed basic-11.0

rts threshold 2312

power local 50

channel 2442

station-role root fallback shutdown

no cdp enable


interface Dot11Radio0.1

encapsulation dot1Q 1 native

no ip route-cache

no cdp enable

bridge-group 1

bridge-group 1 subscriber-loop-control

bridge-group 1 block-unknown-source

no bridge-group 1 source-learning

no bridge-group 1 unicast-flooding

bridge-group 1 spanning-disabled


interface FastEthernet0

no ip address

no ip route-cache

duplex auto

speed auto


interface FastEthernet0.1

encapsulation dot1Q 1 native

no ip route-cache

bridge-group 1

no bridge-group 1 source-learning

bridge-group 1 spanning-disabled


interface BVI1

ip address

no ip route-cache


ip radius source-interface BVI1

logging history debugging


radius-server host auth-port 1645 acct-port 1646

radius-server retransmit 3

radius-server attribute 32 include-in-access-req format %h

radius-server key 7 xxxxxxxxxxxxxx

radius-server vsa send accounting

bridge 1 route ip


line con 0

line vty 5 15


ntp clock-period 2814768

ntp server



hvd Tue, 02/25/2003 - 00:10
User Badges:

I've upgrade the ios to 12.2(4)JA 1 but not better, same result.

I'm not able to find the 12.2(8)JA ios version,

if you could tell me where I can find it, I can test it out.


This Discussion



Trending Topics - Security & Network