Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

1231 IOS APs as P-to-P bridges

I'm trying to set-up two b/g 1231s in Point-to-Point bridge mode with local-radius eap on the root and WPA/TKIP.

Config looks identical to what's running on 13xx & 14xx bridges but the local-radius server on the root keeps showing up as dead and the two bridges never complete the auth process.

IOS is c1200-k9w7-mx.123-8.JEB1.

Trunking two vlans, one for mgt. & one for users across the street.

WPA-PSK works and it looks like I could fall back to WEP-LEAP too.

Anybody tried this? Ideas, suggestions?

Thanks!

1 ACCEPTED SOLUTION

Accepted Solutions

Re: 1231 IOS APs as P-to-P bridges

Are you doing LEAP+WPA/TKIP ? I've tested this setup with bridging+multiple vlans+wpa/wpa2+tkip/aes+LEAP/EAP-FAST/EAP-TLS+local EAP, and they all worked. Can you post your config?

You mentioned that WEP+LEAP worked and also that local-radius server shows up as dead, so I'm not sure if your local EAP is actually working.

Make sure you are using auth-port 1812 (not default 1645). Here's a sample config:

aaa group server radius rad_eap

server 192.168.0.1 auth-port 1812 acct-port 1813

!

aaa authentication login eap_methods group rad_eap

!

radius-server host 192.168.0.1 auth-port 1812 acct-port 1813 key cisco

!

radius-server local

nas 192.168.0.1 key cisco

user X password Y

2 REPLIES

Re: 1231 IOS APs as P-to-P bridges

Are you doing LEAP+WPA/TKIP ? I've tested this setup with bridging+multiple vlans+wpa/wpa2+tkip/aes+LEAP/EAP-FAST/EAP-TLS+local EAP, and they all worked. Can you post your config?

You mentioned that WEP+LEAP worked and also that local-radius server shows up as dead, so I'm not sure if your local EAP is actually working.

Make sure you are using auth-port 1812 (not default 1645). Here's a sample config:

aaa group server radius rad_eap

server 192.168.0.1 auth-port 1812 acct-port 1813

!

aaa authentication login eap_methods group rad_eap

!

radius-server host 192.168.0.1 auth-port 1812 acct-port 1813 key cisco

!

radius-server local

nas 192.168.0.1 key cisco

user X password Y

New Member

Re: 1231 IOS APs as P-to-P bridges

Thanks. I just got back from installing them. I rebuilt the configs from scratch, changing the auth ports and I had missed entering the nas IPs.

117
Views
0
Helpful
2
Replies