I have an autonomous 1130AG configured with 3 SSID's on 3 vlan's. The first SSID uses EAP-FAST, the second SSID uses LEAP and the third SSID uses WPA-PSK. I am using the Cisco abg card with the Cisco ADU. I have configured all three SSID's on the ADU but can only get a link on the WPA-PSK ssid. When I select one of the first two SSID's, I do not even get a link to even try to authenticate.
Anyone have any idea's what might be going on? I can see all of the SSID's when I use the scan feature of the ADU and have tried the same setup on two other AP's with know luck. All three SSID's are configured with mbssid guess-mode.
I have reconfigured the AP to just one SSID using EAP-FAST and I still cannot even get a link on the ADU. Here is the config from the AP. I am seeing the SSID when I use the scan function of the ADU.
service timestamps debug datetime msec service timestamps log datetime msec service password-encryption ! hostname 1130a ! enable secret 5 $1$zx2l$SmmwKW13XmXdiQlbrJ/m// ! aaa new-model ! ! aaa group server radius rad_eap ! aaa group server radius rad_mac ! aaa group server radius rad_acct ! aaa group server radius rad_admin ! aaa group server tacacs+ tac_admin ! aaa group server radius rad_pmip ! aaa group server radius dummy ! aaa group server radius rad_eap1 server 192.168.1.26 auth-port 1812 acct-port 1813 ! aaa authentication login eap_methods group rad_eap aaa authentication login mac_methods local aaa authentication login eap_methods1 group rad_eap1 aaa authorization exec default local aaa accounting network acct_methods start-stop group rad_acct ! aaa session-id common ! ! ! dot11 ssid Lab03a authentication open eap eap_methods1 authentication key-management wpa version 2 guest-mode infrastructure-ssid optional ! power inline negotiation prestandard source ! ! username Cisco password 7 106D000A0618 ! bridge irb ! ! interface Dot11Radio0 no ip address no ip route-cache ! encryption mode ciphers aes-ccm ! ssid Lab03a ! channel 2412 station-role root bridge-group 1 bridge-group 1 subscriber-loop-control bridge-group 1 block-unknown-source no bridge-group 1 source-learning no bridge-group 1 unicast-flooding bridge-group 1 spanning-disabled ! interface Dot11Radio1 no ip address no ip route-cache shutdown dfs band 3 block channel dfs station-role root bridge-group 1 bridge-group 1 subscriber-loop-control bridge-group 1 block-unknown-source no bridge-group 1 source-learning no bridge-group 1 unicast-flooding bridge-group 1 spanning-disabled ! interface FastEthernet0 no ip address no ip route-cache duplex auto speed auto bridge-group 1 no bridge-group 1 source-learning no bridge-group 1 source-learning ! interface BVI1 ip address 172.23.20.20 255.255.255.0 no ip route-cache ! ip http server no ip http secure-server ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag
ip radius source-interface BVI1 radius-server attribute 32 include-in-access-req format %h radius-server host 192.168.1.26 auth-port 1812 acct-port 1813 key 7 060506324F41
radius-server vsa send accounting bridge 1 route ip ! ! ! line con 0 line vty 0 4 ! end
Transferring Crash file from standby: Login to the Active WLC in HA.
From CLI: (Cisco Controller) >transfer upload datatype crash (Cisco
Controller) >transfer upload filename (Cisco
Controller) >transfer upload mode tftp (Cisco Controller) >transfer
This is the start of a display filter cross reference between Wireshark
and OmniPeek. The 1st installment is a table of advanced filters. More
filters will be added as time allows. It is a living doc, so check back
for changes every so often Please feel f...