Wireless 1200 AP Authentication Failed

Answered Question
Dec 12th, 2006

Hi,

I'm prett new to setting up Cisco WAP. I have tried to copy the config from a working one in another other and changed it to suit my own. I'm attaching a config. The problem is that the AP doesnt automatically get picked up by Wireless cards and when i manually set it up, i get authentication issues - DOG11-7-Auth_Failed from the station MAC-ADDRESS

Any idea? I am confused how the Vlan i have set it up on communicates. Please help?

I have this problem too.
0 votes
Correct Answer by robert.wright@b... about 8 years 7 months ago

heres a link. Haven't experienced this issue myself but APPEARS to be a possible misconfiguration on the client end.

http://www.cisco.com/en/US/products/sw/secursw/ps2086/products_configuration_example09186a00801df0ea.shtml

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4 (1 ratings)
robert.wright@b... Wed, 12/13/2006 - 05:05

Suggestion before i look at anymore of your config. Please sanitize all of your configs you post on the forums. You have a few passwords in there.

robert.wright@b... Wed, 12/13/2006 - 05:12

Just glancing over i dont see anything that sticks out, have you reference the associated log files on your radius/acs boxes for failed attempts? Also appears your authenicating via mac address so possibly the mac addy isnt present as an authorized device?

rodonohu1 Wed, 12/13/2006 - 05:19

Thanks for the feedback.

I've been working on alot and built up the config again from scratch.

the problem is definatly around the authentication.

When I set it up as follows, I can't see the wireless netork:

interface Dot11Radio0

no ip address

no ip route-cache

!

encryption vlan 1 key 1 size 128bit 7 3EF6C4C5A0DD03D60ACFBC40F93B transmit-key

encryption vlan 1 mode wep mandatory mic key-hash

!

encryption vlan 18 key 1 size 128bit 7 02DC3457EC1AAFC9DF2FAECDF0DF transmit-key

encryption vlan 18 mode wep mandatory mic key-hash

!

ssid EmP1R3D

vlan 18

authentication open mac-address mac_methods eap eap_methods

authentication network-eap eap_methods mac-address mac_methods

but if i put it in guest mode, then i can see the secured network but can't log on to it. When i try to connect it just times out trying. On the client, it doesn't seem to be able to exchange keys,etc. this is where I am in the dark and have difficulty figuring it out.

I've checked the ACS box and it shows on passed authentications that its fine. I just can't get up user authentication box at this point on the client.

rodonohu1 Wed, 12/13/2006 - 06:02

I've also checked this on my ACS failed attempts now: I keep getting the following that points it could be related to PEAP

EAP-TLS or PEAP authentication failed during SSL handshake

where could this issue lie?

rodonohu1 Thu, 12/14/2006 - 08:32

Excatly. I found this yesterday and it worked. The client didn't have the correct Certs so it couldn't authenticate. Cumbersome process but worked.

Thanks for your helpe Robert.

Actions

This Discussion