I have been trying to get a Cisco 350 Access Point (Firmware 12.00T/5.02B) to talk a RADIUS; specifically RADIATOR radius. I have followed the instruction in the security setup documentation. But I have not been able to do even just the basic MAC address authentication. The RADIUS side is all set to go since it works properly with APs of other vendors. The setup in the Cisco side, according to the documentation, is as followed:
1.(Setup -> Address Filter) I have set "yes" to select the option called Lookup MAC Address on Authentication Server if not in Existing Filter List. With this option enabled. I have also entered the MAC address of the AP in the "Allowed" addresses list.
2. (setup -> security -> authentication server) I have entered the IP, shared secret, and port # for the RADIUS, and checked "MAC address authentication" (and selected "draft 10").
3. (setup -> security -> Radio WEP) I have set "Optional" in the "Use of Data Encryption by the station", and checked "Open" and "Shared" in the "Accept Authentication Type", with all other options (including require EAP) unchecked. I have also set up a 128-bit WEP key with default "Transmit with key".
4. (setup -> AP radio -> advanced Primary SSID setup) I set "Disallowed" for Default Unicast Address Filter corresponding to (Accept Authentication Type) "Open" and "Shared".
After saving all the settings, I tested it using a Symbol card on a Pocket PC (CE OS). It authenticates successfully on the RADIUS with AP of other vendors. I also see the packet of RADIUS protocol sent to RADIUS when I monitored using Ethereal.
But when I tested it on Cisco AP 350 and monitored using Ethereal, I did not see the Cisco AP 350 sends out any packets with RADIUS protocol to the RADIUS.
Can anyone help and offer insights into what I might have missed. Many thanks in advance!
Transferring Crash file from standby: Login to the Active WLC in HA.
From CLI: (Cisco Controller) >transfer upload datatype crash (Cisco
Controller) >transfer upload filename (Cisco
Controller) >transfer upload mode tftp (Cisco Controller) >transfer
This is the start of a display filter cross reference between Wireshark
and OmniPeek. The 1st installment is a table of advanced filters. More
filters will be added as time allows. It is a living doc, so check back
for changes every so often Please feel f...
I have created a Powershell script to automatically add a Wireless Guest
User on Cisco WLCs. (tested on 2500 Series) The script should be
completely self explanatory. Prerequisites: Powershell SNMP Module
(Install-Module -Name SNMP) SNMP Write Access to y...