Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Microsoft IAS PEAP & WPA/TKIP

I am trying to get the AP's that I manage to authenticate users against our Active Directory using Microsoft IAS. I have a combination of AP1231G and AP1131G units which have been configured to authenticate against the IAS server, but my auths are failing. The basics of the Configs are as follows:

AP's

aaa group server radius rad_eap

server 10.X.X.X auth-port 1812 acct-port 1813

dot11 ssid test

authentication open eap eap_methods

authentication network-eap eap_methods

authentication key-management wpa

radius-server attribute 32 include-in-access-req format %h

radius-server host 10.3.24.16 auth-port 1812 acct-port 1813

radius-server vsa send accounting

The IAS is configured for PEAP/MS-CHAPv2

Ant thoughts on why my Auths are failing?

2 REPLIES

Re: Microsoft IAS PEAP & WPA/TKIP

Could be all sorts of things : ) What errors are there in the AP logs? In the EV on the server running IAS? How is your certificate configured and deployed?

A really good tool for configuring this setup on a Windows network is the Microsoft WLAN-PEAP Toolkit available from here:

http://go.microsoft.com/fwlink/?linkid=23481

It's got some very good scripts which do almost all the configuration you need for IAS, Cert Authority, etc, etc and some very good documentation on setting it all up and configuring it.

New Member

Re: Microsoft IAS PEAP & WPA/TKIP

Thanks, Some really helpful info here. I tracked the problem down to a Remote Access Policy that was just a bit too narrow in scope and corrected the issue. Everything is working now.

Thanks for the info.

325
Views
5
Helpful
2
Replies
CreatePlease login to create content