Hi, I have configured a WLAN for AAA authentication and have configured AAA/Radius authentication on the WLC, however the clients don't get authenticated when they try to join. I have run a debug and I am getting an authentication rejected message from the radius server. Below is the output.
Access-Challenge received from RADIUS server 10.24.12.32 for mobile x.x.x.x receiveId = 5
*Dot1x_NW_MsgTask_4: Nov 18 15:52:47.915: x.x.x.x Processing Access-Challenge for mobile x.x.x.x
*Dot1x_NW_MsgTask_4: Nov 18 15:52:47.915: x.x.x.x WARNING: updated EAP-Identifier 1 ===> 27 for STA x.x.x.x
*Dot1x_NW_MsgTask_4: Nov 18 15:52:47.915: x.x.x.x Sending EAP Request from AAA to mobile x.x.x.x (EAP Id 27)
*Dot1x_NW_MsgTask_4: Nov 18 15:52:47.935: x.x.x.x Received EAPOL EAPPKT from mobile x.x.x.x
*Dot1x_NW_MsgTask_4: Nov 18 15:52:47.935: x.x.x.x Received EAP Response from mobile x.x.x.x (EAP Id 27, EAP Type 3)
*aaaQueueReader: Nov 18 15:52:47.935: apfVapRadiusInfoGet: WLAN(1) dynamic int attributes srcAddr:0x0, gw:0x0, mask:0x0, vlan:0, dpPort:0, srcPort:0
*aaaQueueReader: Nov 18 15:52:47.935: x.x.x.x Successful transmission of Authentication Packet (id 76) to 10.24.12.32:1812, proxy state x.x.x.x-00:00
*radiusTransportThread: Nov 18 15:52:47.938: ****Enter processIncomingMessages: response code=3
****Enter processRadiusResponse: response code=3
*radiusTransportThread: Nov 18 15:52:47.938: x.x.x.x Access-Reject received from RADIUS server 10.24.12.32 for mobile x.x.x.x receiveId = 5
Thanks for the reply, I checked the logs and it shows the correct username who has attempted to login and then for the same user it shows the machine name trying to login. Could it be something to do with the client's configuration?
Are there any specific config that needs to be made on the clients who are mostly windows based devices, the user doesn't get prompted to enter a username or password even when 802.1X is selected for the Authentication.