cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
467
Views
0
Helpful
3
Replies

AP1242, WLSE & ACS

andrew.brazier
Level 4
Level 4

I'm trying to configure a WLAN composed of AP1242's managed by a WLSE and authenticating via an ACS Appliance. At present I'm still testing so the ACS box is using it's internal user database and I've generated a self signed and installed cert on it. I've exported the cert and installed on the clients but my problem is that I'm not getting authenticated and I think the weak link is the AP's.

When I try and authenticate a client I get an authentication failed error on the AP and that's it, nothing on the ACS server at all. Using Ethereal I can't see any 1645 or 1812 UDP traffic between the AP and the ACS box (or any traffic at all for that matter) so it looks like the AP isn't even trying the ACS box. I've tried running debug aaa and radius commands on the AP but the only thing I see are AAA/BIND messages appearing every minute or so. I've even tried stopping the ACS services and trying again with the services stopped to try and raise an error.

Any ideas would be very welcome!

3 Replies 3

thomas.chen
Level 6
Level 6

Could you provide the error message which you are getting.

Thanks for the reply, I've sorted the problem (with assistance from TAC). What follows is a warning if you're planning to use an ACS Solution Engine: After carrying out the basic console based setup what you end up with is a config that WILL NOT WORK, it self configures itself in such a way that it will never work. Neat trick eh? Drop me a line if you'd like full details.

scottmac
Level 10
Level 10

Which authentication / authorization scheme are you using?

Are you using the Microsoft Zero Wireless Config system, or the client software (in addition to the client drivers)?

Do you have a software firewall on the PC/Laptops? Try disabling it for diagnostics (make sure you shut down the service as well as the "front end" code).

Have you verified that the client has assocated?

With the PC/Laptop on, try disabling and re-enabling the NIC (versus re-booting) and see if you get the auth traffic (on your Ethereal capture).

Check it out & let us know.

Scott

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: