Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

IEEE 802.1x wireless client authentication.

Hello.

I'm using PEAP to authenticate wireless client: machine authentication only.

For W2000 client only, when systems start these are successfully authenticated using the computer account; after some seconds a re-key entry can be founded on ACS report with the same computer account or user account if they're making login.

Andrea.

2 REPLIES

Re: IEEE 802.1x wireless client authentication.

Andrea,

The 'Re-Key OK' message on ACS means that Cisco-Aironet-Session-Timeout has occured. Hence, the session (dynamic) keys need to be re-established.

This message appears because of the dynamic WEP key configured for authentication

reasons.

To increase this, please go to

'Security' -> 'Encryption Manager' on the AP

Over there under 'Global Properties'

Broadcast Key Rotation Interval:

check Enable Rotation with Interval and enter a value as needed.

Similarly, this value should be same on the ACS RADIUS(IETF) 27 attribute.

Regards,

~JG

Community Member

Re: IEEE 802.1x wireless client authentication.

Hello and many thanks for your help.

I'm using CiscoSecure ACS to configure [5842\001] Cisco-Aironet-Session-Timeout to the same value of [027] Session-Timeout.

341
Views
0
Helpful
2
Replies
CreatePlease to create content