Cisco Support Community
Community Member

Aironet 1200 and windows 2008 radius


I have some aironet 1200 AP's. I want to use this with a windows 2008 radius server. I followed the guide on Unfortunately I can not get this working. In the securtiy log of the event viewer there is always the message "authenication was not succesful because an unknown username or incorrect password".

- Is it possible to get this working?

- If yes, is there a manual how to configure the AP's and the radius server, or are there any hints?

- Is this the best way to setup a wireless network or is there a better way?

I saw there is also a local radius server inside the 1200. Can all the 1200's work together? I suppose that if I use the built-in radius server than I can't make a connection to my AD database, correct?

Hope you can help me.


Community Member

Aironet 1200 and windows 2008 radius

Yes it's possible. I configured fully functioning AD Integrated server 2008 radius and got my 1040 AP's to do the EAP authentication to it. It took a lot of trial and error and it's a pretty deep configuration but in my opinioin, it's the best way to do Wifi authentication.  It was several months ago so I'm a bit foggy, I'll do my best to help.

I'm not at the point where I can say that "incorrect password" error is "xyz configuration" issue, but post the AAA and radius server configs and we'll take a look. Maybe somebody else is at that level.

Actually, maybe I do know... it depends on what client you're using for the eap auth.   If you're using native windows 7 or xp, first it will use the computer account which doesn't actually use a password exactly (it would have to be joined to the domain for that to work).  With any client, you can instead specify that it should use an actual username and password of a person.

I remember that I made it work with both the windows XP native client and the Dell wireless client, but both had little nuances.

Wow... I just realized I should specify:



--I just remembered some of the other details:

1.  Are you even trying to use it for EAP wireless auth, or just standard AAA auth for the access point management login?

2.  The password error might be a shared mismatch... emm, maybe not. Double check it and report back.



Community Member

Re: Aironet 1200 and windows 2008 radius

Hi Ernst,

As Gerald mentioned, it is certainly possible to use IAS / NPS for authentication, I've used it many times.

One thing that you might want to check is in the NPS policy, set it to ignore Dial-In settings on the account properties, which is deny by default.

Otherwise there must be a mis-match in the security protocol setup - you might want to give us more details of how the NPS is configured



Sent from Cisco Technical Support iPad App

Community Member

Aironet 1200 and windows 2008 radius


Thanks for your reply.

However, in the mean time I reconfigured the aironet to use the built-in radius server instead of a windows radius server. This is also not working, all the login attempts failed with an unknown username.

We have standard windows clients (XP and win7) and some mobile devices (android).

Where to look why the username's are wrong?

CreatePlease to create content