×

Warning message

  • Cisco Support Forums is in Read Only mode while the site is being migrated.
  • Cisco Support Forums is in Read Only mode while the site is being migrated.

Cannot get an informaiton on the ACS's report interface

Unanswered Question
Feb 27th, 2004
User Badges:

I configured MAC authentication on the ACS for AP1200 and have a question for the report interface.

.

MAC authentication works fine and I can see a record the failure report but nothing for others. I want to see a "Login users", "Accounting", "Passed authentication" etc. Any idea why I cannot see these kind of information from ACS's Report interface.

.

- ACS 3.2, added an AP on the network interface with RADIUS(Airopoint) and wireless phone's MAC address on the User interface. nothing else configued.

- AP1200, 12.2(13)JA2.

.

Here my AP1200 configuration.

.

aaa new-model

aaa group server radius rad_eap

aaa group server radius rad_mac

server 192.168.200.134 auth-port 1645 acct-port 1646

aaa group server radius rad_acct

aaa group server radius rad_admin

server 192.168.200.134 auth-port 1645 acct-port 1646

aaa group server tacacs+ tac_admin

aaa group server radius rad_pmip

aaa group server radius dummy

aaa authentication login default local group tac_admin group rad_admin

aaa authentication login eap_methods group rad_eap

aaa authentication login mac_methods local group rad_mac

aaa authorization exec default local group tac_admin group rad_admin

aaa authorization ipmobile default group rad_pmip

aaa accounting network acct_methods start-stop group rad_acct

aaa session-id common

!

radius-server host 192.168.200.134 auth-port 1645 acct-port 1646 key 7 xxxxx

radius-server attribute 32 include-in-access-req format %h

radius-server authorization permit missing Service-Type

radius-server vsa send accounting

.

Thanks,

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
john.gudmann Tue, 03/02/2004 - 13:56
User Badges:

This works fine for me.

I hade the same problem until i put on "alternate eap eap_methods" The problem was that the Client got validate just on WEP and SSID. now I can see the mac as a login on the AP under "login users" (AP1100 and Intermec 750 PDA with WEB and Mac authentication)

SSID "test"

authentication open mac-address mac_methods alternate eap eap_methods

authentication shared mac-address mac_methods

accounting acct_methods

Actions

This Discussion

 

 

Trending Topics - Security & Network