06-04-2009 06:34 AM - edited 03-10-2019 04:31 PM
Hi all,
I'm having a problem when wireless controllers try to authenticate wireless clients by ACS 5.0.
I've added the ACS as a Radius server and configured in the Wlan that the clients try to associate.
Seem that the WC is unable contact the ACS, in the log of the controller i can see timeout error, but ACS and WC can ping each other and there is no firewall between them.
Can anyone help me to find the problem?
In the ACS log there is no trace of the request of authentication.
Thanks all.
06-10-2009 06:07 PM
For the Cisco Secure ACS to be able to authenticate Wireless clients, you need to complete these steps:
Configure the Wireless LAN Controller as a AAA client on the Cisco Secure ACS.
Configure the users and user profiles on the Cisco Secure ACS.
07-09-2009 03:05 AM
Hi, has anyone here found any solution on this issue. I'm in dire need to have a solution for this. any input would be appreciated.
Thanks.
07-09-2009 05:19 AM
ACS 5.0 has some issues working with the Cisco Wireless Services Module (WiSM) and maybe other wireless controllers are also presenting the same problem. These result in no rsponse being received to the request.
There are two bugs filed and they are addressed in cumulative patch 5.0.0.21.6 which is available at the following location: http://www.cisco.com/cgi-bin/tablebuild.pl/acs5_patches
07-17-2009 12:59 AM
Installed the latest cumulative patch ver 5.0.0.21.7 and now WLC and ACS 5.0 could work without issues and could authenticate RADIUS Authentication like a champ.
Thanks for the suggestion irabinow...
REgards.
07-20-2009 01:56 PM
We have the same issue not being able to use ACS and WCS.
I tried to d/l that patch: 5-0-0-21-7.tar.gpg, but the download comes as 5-0-0-21-7.tar.tar I tried renaming the file as a .gpg, but that does not work either.
Just locks up the Web console...the CLI attempts to apply the patch but complains about missing directory
any ideas?
Charles
07-20-2009 10:22 PM
Few comments and suggestions:
1) there is no issue in renaming the file extension as long as file size and checksum are in fact correct
2) it is recommended to create the repository used for the install from the CLI and also install the patch from the CLI
3) There are issues with TFTP repostories when file size exceeds 32M. It is recommended to use FTP instead instead
Jonny
11-02-2009 07:17 AM
Hi guys. Is anyone still experiencing issues with this? I have implemented the latest patch (5.0.0.21.8) but still no RADIUS response. I can ping etc and I have authenticated using PAP using a RADIUS client simulator. It seems to be an issue with PEAP/MSCHAP???? Please help :-) Show version of ACS shown below.
Coop-ACSv5/ansgroup# sh ver
Cisco Application Deployment Engine OS Release: 1.1
Build Version: 1.1.0.416
Copyright (c) 2005-2008 by Cisco Systems, Inc.
All rights reserved.
Hostname: Coop-ACSv5
Version information of installed applications
---------------------------------------------
Cisco ACS VERSION INFORMATION
-----------------------------
Version : 5.0.0.21
Internal Build ID : B.2757
Patches :
5.0.0.21.8
Coop-ACSv5/ansgroup#
11-02-2009 08:27 AM
A good way to troubleshoot the point at which the request is failing is to go to:
Monitoring & Reports: ... > Reports > Catalog > AAA Protocol
and the select "RADIUS_Authentication"
You will get a list of all passed/failed attempts together with failure reason. If you select the magnifiying glass icon under teh details column you should see the steps performed to process the request and see where processing stopped
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide