Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Automatic Radio Interface disabling of WGB

At a scheduled time every day (11 pm), users are automtically disabled in AD, so that nobody can log into the workgroup bridge.

In the morning they will be re-enabled.

But the radio interface is in the morning in the "disable" state and can only be enabled by a manual restart of the Workgroup Bridge or set up the command "no shutdown" at interface by CLI.

Is there somebody who can help me?

Is there any command to block that?

In Log there are following messages:

Log Buffer (64000 bytes):
Interface Dot11Radio1, cannot associate: EAP authenticating
Feb 10 03:58:39.548: %DOT11-4-CANT_ASSOC: Interface Dot11Radio1, cannot associate: EAP authenticating
Feb 10 04:04:17.564: %DOT11-4-CANT_ASSOC: Interface Dot11Radio1, cannot associate: Too many retries
Feb 10 04:08:45.656: %DOT11-4-CANT_ASSOC: Interface Dot11Radio1, cannot associate: EAP authenticating
Feb 10 04:10:00.656: %DOT11-4-CANT_ASSOC: Interface Dot11Radio1, cannot associate: EAP authenticating
Feb 10 04:10:51.660: %DOT11-4-CANT_ASSOC: Interface Dot11Radio1, cannot associate: EAP authenticating
Feb 10 04:21:30.700: %DOT11-4-CANT_ASSOC: Interface Dot11Radio1, cannot associate: EAP authenticating
Feb 10 04:22:54.708: %DOT11-4-CANT_ASSOC: Interface Dot11Radio1, cannot associate: EAP authenticating
Feb 10 04:27:42.760: %DOT11-4-CANT_ASSOC: Interface Dot11Radio1, cannot associate: Too many retries
Feb 10 04:28:17.760: %DOT11-4-CANT_ASSOC: Interface Dot11Radio1, cannot associate: EAP authenticating
Feb 10 04:29:16.772: %DOT11-4-CANT_ASSOC: Interface Dot11Radio1, cannot associate: EAP authenticating
Feb 10 04:30:36.816: %DOT11-4-CANT_ASSOC: Interface Dot11Radio1, cannot associate: EAP authenticating
Feb 10 04:32:48.836: %DOT11-4-CANT_ASSOC: Interface Dot11Radio1, cannot associate: EAP authenticating
Feb 10 04:33:17.836: %DOT11-4-CANT_ASSOC: Interface Dot11Radio1, cannot associate: Authenticate response timeout
Feb 10 04:34:40.836: %DOT11-4-CANT_ASSOC: Interface Dot11Radio1, cannot associate: EAP authenticating
Feb 10 04:35:21.852: %DOT11-4-CANT_ASSOC: Interface Dot11Radio1, cannot associate: EAP authenticating
Feb 10 04:36:03.852: %DOT11-4-CANT_ASSOC: Interface Dot11Radio1, cannot associate: EAP authenticating
Feb 10 04:36:26.852: %DOT11-4-CANT_ASSOC: Interface Dot11Radio1, cannot associate: EAP authenticating
Feb 10 04:36:37.852: %DOT11-4-CANT_ASSOC: Interface Dot11Radio1, cannot associate: EAP authenticating
Feb 10 04:40:15.852: %DOT11-4-CANT_ASSOC: Interface Dot11Radio1, cannot associate: Too many retries

The Configuration of the WGB:

version 15.2

no service pad

service timestamps debug datetime msec localtime

service timestamps log datetime msec localtime

service password-encryption

!

hostname xxxxxx

!

logging buffered 64000

logging rate-limit console 9

enable secret 5 $1$IWoP$2TEpULAAQFyh3/5LbygmD1

!

aaa new-model

!

!

aaa authentication xxxxxxx

aaa authorization exec default local

aaa authorization commands 0 default local

aaa authorization commands 2 default local

aaa authorization commands 15 default local

!

!

!

!

!

aaa session-id common

clock timezone MEZ 1 0

clock summer-time MESZ recurring last Sun Mar 2:00 last Sun Oct 3:00

no ip routing

no ip domain lookup

ip domain name xxxxxxxx

!

!

dot11 syslog

!

dot11 ssid xxxxxx

authentication open eap eap_methods

authentication network-eap eap_methods

authentication key-management wpa version 2

authentication client username xxxxxxxxx password 7 xxxxxxxx

infrastructure-ssid

!

power inline negotiation prestandard source

crypto pki token default removal timeout 0

!

crypto pki trustpoint TP-self-signed-422515618

enrollment selfsigned

subject-name cn=IOS-Self-Signed-Certificate-422515618

revocation-check none

rsakeypair TP-self-signed-422515618

!

!

crypto pki certificate chain TP-self-signed-422515618

username xxxxxmin privilege 15 password 7 094D6A0410565A3F59

username xxxxxa2 privilege 15 password 7 09654F041C165653

username xxxxxc0 privilege 15 secret 5 $1$fxqT$g5uUlSYwU51aEBrSkNzIG0

username xxxxxd1 privilege 15 secret 5 $1$/gU7$uC3wTjl7MsOkxFDrwC6ru0

username xxxxxr2 privilege 15 secret 5 $1$YcW/$eQrfnuhu/IRwXrQZHfrj..

!

!

bridge irb

!

!

interface Dot11Radio0

no ip address

no ip route-cache

shutdown

!

encryption mode ciphers aes-ccm tkip

!

broadcast-key change 100

!

antenna gain 0

station-role root

bridge-group 1

bridge-group 1 subscriber-loop-control

bridge-group 1 spanning-disabled

bridge-group 1 block-unknown-source

no bridge-group 1 source-learning

no bridge-group 1 unicast-flooding

!

interface Dot11Radio1

no ip address

no ip route-cache

!

encryption mode ciphers aes-ccm tkip

!

ssid xxxxxx

!

antenna gain 0

stbc

station-role workgroup-bridge

l2-filter bridge-group-acl

bridge-group 1

bridge-group 1 spanning-disabled

!

interface GigabitEthernet0

no ip address

no ip route-cache

duplex auto

speed auto

no keepalive

bridge-group 1

bridge-group 1 input-address-list 700

bridge-group 1 spanning-disabled

!

interface BVI1

ip address dhcp client-id GigabitEthernet0

no ip route-cache

!

no ip http server

ip http authentication aaa login-authentication login

ip http secure-server

ip http help-path

http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag

access-list 1 permit xxx.xxx.xxx.xxx

access-list 1 permit xxx.xxx.xxx.xxx

access-list 1 permit xxx.xxx.xxx.xxx

access-list 1 permit xxx.xxx.xxx.xxx

access-list 1 permit xxx.xxx.xxx.xxx

access-list 1 permit xxx.xxx.xxx.xxx

access-list 1 permit xxx.xxx.xxx.xxx

access-list 1 deny any

access-list 700 permit xxxx.xxxx.xxxx xxxx.xxxx.xxxx

access-list 700 deny 0000.0000.0000 ffff.ffff.ffff

snmp-server community xxxxxxxxxxxxxxxxx RO

snmp-server community xxxxxxxxxxxxxxxxxxxxx RW

snmp-server location xxxxxxxx xxxxxxxxx xxxxxxxxx

snmp-server contact xxxxxxxxxxxx

!

bridge 1 route ip

!

!

!

line con 0

line vty 0 4

access-class 1 in

transport input ssh

line vty 5 15

access-class 1 in

transport input ssh

!

sntp server xxx.xxx.xxx.xxx

end

Thanks and Best Regards,

Martin

2 REPLIES
Hall of Fame Super Silver

Re: Automatic Radio Interface disabling of WGB

I don't thing there is anything you can do. This was a problem in the past also that I have seen or even that the WGB itself would need to be rebooted. Maybe have a machine do a constant ping the WGB overnight and see if the WGB stays up.

Sent from Cisco Technical Support iPhone App

-Scott
*** Please rate helpful posts ***
New Member

Hi Scott,thanks for the reply

Hi Scott,

thanks for the reply.

Is it possible to block the port through a keepalive or anything else?

Regards

280
Views
0
Helpful
2
Replies
CreatePlease login to create content