11-16-2006 01:03 PM - edited 07-03-2021 01:15 PM
Hi,
I have WDS setup with WLSE 2.13 and ACS 4.0. I have 8 1231 access points that behave correctly. I also have 1 1130 and 1 1242. Both of these get the error "AP Timed out authenticating to the WDS." My WDS device is currently a 1231, but I have also tried making it the 1242 and 1130. In all cases they time out. Has anybody else seen this behaviour?
11-21-2006 05:32 AM
Hi Brad,
be sure to have the WDS setup with the ACS like this:
If you have forgotten to enable LEAP for the WDS device or the secrets are not equal, you get teh message that the AP could not authenticate with the WDS.
If you used the ACS as RADIUS Server then have a look into the failed authentication log. There should be wrong NAS User entries.
If you want to test the WDS Setup with an AP local RADIUS Server have a look here:
The setup is the same like in teh forst document instad of using the Local RADIUS as LEAP authentication Server. Remember WDS needs LEAP for internal authentication issues.
Best regards,
Frank
11-21-2006 08:12 AM
LEAP is enabled. WDS work fine on all my 1231's. It just the 1242's and 1130's that seems to have this problem. I've had a TAC cas open on it for a while now and they seem puzzled by it as well.
11-21-2006 11:46 PM
Hi Brad,
how many APs do you have within the WDS?
Are the APs all in the same subnet / VLAN?
Do you have a sample config of the WDS AP, a working 1231 and a 1242?
How is the setup in the ACS? Do you have "Network Device Groups" in the "Network Configuration" section?
Issue the command "debug aaa authentication" on a working and not working AP and please post the result.
Also issue the command "debug wlccp wds ap mac-address H.H.H" where H.H.H should be a mac address of an not-working AP.
Best regards,
Frank
11-28-2006 07:10 AM
12-01-2006 02:13 AM
Hi Brad,
i was a bit in busy the last days.
For a first look i can?t obviously find any failure or problem.
What kind of device is the mentioned:
wlccp wnm ip address 10.240.2.41
Is it a WLSE? Are the non-working devices managed within the wnm?
On the WDS Device issue the command:
sh radius local-server statistics
Successes : 9 Unknown usernames : 0
Client blocks : 0 Invalid passwords : 0
Unknown NAS : 0 Invalid packet from NAS: 0
NAS : 10.20.30.120
Successes : 9 Unknown usernames : 0
Client blocks : 0 Invalid passwords : 0
Corrupted packet : 0 Unknown RADIUS message : 0
No username attribute : 0 Missing auth attribute : 0
Shared key mismatch : 0 Invalid state attribute: 0
Unknown EAP message : 0 Unknown EAP auth type : 0
Auto provision success : 0 Auto provision failure : 0
PAC refresh : 0 Invalid PAC received : 0
Username Successes Failures Blocks
wds 9 0 0
Do you have any other messages than "Successes"?
If yes clear the statistics with:
clear radius local-server statistics
Reload the not working AP and have a look into the statistics!
This was the first step i used to find misconfigurations.
Best reagrds,
Frank
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: