Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Community Member

setting up LEAP first time

Does anyone have any updated documentation/reference on setting up leap on an "ap 1200" with acs?

Adapter and AP works fine with Wep enabled, however when enabling LEAP I am unable to associate. Can't find diagnostics or logging to determine if problem is at acs server or access point or adapter. Thanks in advance

-Eric

1 ACCEPTED SOLUTION

Accepted Solutions
Cisco Employee

Re: setting up LEAP first time

Hi ,

a) on ap1200 on console you can run

:eap_diag1_on

:eap_diag2_on

to turn off

:eap_diag1_off

:eap_diag2_off

b)

Please make sure that on ap1200 setup-> security you have checked

open and network eap .

Configure 128 bit wep key in slot 1 ( Bkey )

c)

Configure Access Point to point to ACS for authentication. Using the GUI browse to Setup->Security and Select Authentication server

option.

Enter the IP address of the radius server and the secret key.

On the ACS , make sure you configure AP as client . and select raidus Cisco Aironet

Make sure authe port an shared secret matches on AP and on ACS .

d) you can enable full log on ACS and troubleshoot .

Debug information:

This sample debug information is captured at max. logging level of ACS. (ACS GUI->System

Configuratoin->Logging->Level of detail full.

This is csradius log file. Fore more information on ACS debug information, please refer to

http://www.cisco.com/warp/customer/480/9.html

http://www.cisco.com/en/US/products/hw/wireless/ps430/products_white_paper09186a00800b3d27.shtml

http://www.cisco.com/univercd/cc/td/doc/product/wireless/airo_350/accsspts/ap350scg/ap350ch8.htm

http://www.cisco.com/en/US/products/hw/wireless/ps430/products_white_paper09186a00800b469f.shtml

Note :

Wrong ACS address in AP:

If you have entered wrong IP address of ACS you will see in AP

No EAP-Authentication response for station XXXXXXXX from server 172.17.241.43

Make sure you are running latest firmware and driver on Ap and on client side .

Nilesh

1 REPLY
Cisco Employee

Re: setting up LEAP first time

Hi ,

a) on ap1200 on console you can run

:eap_diag1_on

:eap_diag2_on

to turn off

:eap_diag1_off

:eap_diag2_off

b)

Please make sure that on ap1200 setup-> security you have checked

open and network eap .

Configure 128 bit wep key in slot 1 ( Bkey )

c)

Configure Access Point to point to ACS for authentication. Using the GUI browse to Setup->Security and Select Authentication server

option.

Enter the IP address of the radius server and the secret key.

On the ACS , make sure you configure AP as client . and select raidus Cisco Aironet

Make sure authe port an shared secret matches on AP and on ACS .

d) you can enable full log on ACS and troubleshoot .

Debug information:

This sample debug information is captured at max. logging level of ACS. (ACS GUI->System

Configuratoin->Logging->Level of detail full.

This is csradius log file. Fore more information on ACS debug information, please refer to

http://www.cisco.com/warp/customer/480/9.html

http://www.cisco.com/en/US/products/hw/wireless/ps430/products_white_paper09186a00800b3d27.shtml

http://www.cisco.com/univercd/cc/td/doc/product/wireless/airo_350/accsspts/ap350scg/ap350ch8.htm

http://www.cisco.com/en/US/products/hw/wireless/ps430/products_white_paper09186a00800b469f.shtml

Note :

Wrong ACS address in AP:

If you have entered wrong IP address of ACS you will see in AP

No EAP-Authentication response for station XXXXXXXX from server 172.17.241.43

Make sure you are running latest firmware and driver on Ap and on client side .

Nilesh

228
Views
0
Helpful
1
Replies
CreatePlease to create content