If we then get clients to specify the SSID and 802.1x authentication, along with the requisite username/password credientials for the radius server, then a full authenticated 802.1x session can be succesfully established.
If we try to remove it via the console, the terminal doesn't return anything except a new line, and as soon as the interface is enabled again, the above line reappears in show running-config.
Nuking the config on the WCS - the SSID template, the Accounting server, the Authentication server, removing the entries from the access points then adding them back under a different name returns the same result.
Creating an entirely new set of templates, and applying it to a entirely untouched accesspoint also returns the same result.
This occurs on all devices I've got my hands on, which so far is:
iPhone, ipod touch gen 1 and gen2, OSX 10.6, win xp sp3, win vista, win 7, ubuntu 9.10 and finally a nokia n900.
Has anyone come across this and fixed this before?
Other background information that might help:
Wireless Control System Version 18.104.22.168 Type: Basic Licensed APs: 250 Quantity of APs: 151
WLC's (4 of them - 2 in each WiSM) 1 WiSM is in a Catalyst 6506 1 WiSM is in a Catalyst 6509 Software Version of WiSM: 22.214.171.124
LAPs Software Version 126.96.36.199 Boot Version 188.8.131.52 Inventory Information AP Type LWAPP AP Model AIR-LAP1131AG-N-K9 IOS Version 12.4(13d)JA AP Certificate Type Manufacture Installed Unique Device Identifier(UDI) Name Cisco AP Description Cisco Wireless Access Point Product Id AIR-LAP1131AG-N-K9 Version Id V01
APs converted to LAPs Software Version 184.108.40.206 Boot Version 220.127.116.11 Inventory Information AP Type LWAPP AP Model AIR-AP1131AG-A-K9 IOS Version 12.4(13d)JA AP Certificate Type Manufacture Installed
This is the debug output of a failed attempt to connect to the wep key:
Thu Apr 29 12:31:09 2010: 00:1e:c2:b2:4e:17 802.1x 'txWhen' Timer expired for station 00:1e:c2:b2:4e:17
Thu Apr 29 12:31:09 2010: 00:1e:c2:b2:4e:17 dot1x - moving mobile 00:1e:c2:b2:4e:17 into Connecting state
Thu Apr 29 12:31:09 2010: 00:1e:c2:b2:4e:17 Sending EAP-Request/Identity to mobile 00:1e:c2:b2:4e:17 (EAP Id 19)
Thu Apr 29 12:31:09 2010: 00:1e:c2:b2:4e:17 Sending 802.11 EAPOL message to mobile 00:1e:c2:b2:4e:17
Transferring Crash file from standby: Login to the Active WLC in HA.
From CLI: (Cisco Controller) >transfer upload datatype crash (Cisco
Controller) >transfer upload filename (Cisco
Controller) >transfer upload mode tftp (Cisco Controller) >transfer
This is the start of a display filter cross reference between Wireshark
and OmniPeek. The 1st installment is a table of advanced filters. More
filters will be added as time allows. It is a living doc, so check back
for changes every so often Please feel f...