I am seriously stuck. I have spent the past week trying to get EAP-PEAP MSChap to work using a WLAN 4402 controller. I cannot find any documentation on how to propperly set up the WLAN controller to do this. I have gone through over 500 pages of microsoft documentation on how to setup IAS and a certificate server. I believe that this part is working right. I dont believe that the WLAN controller is properly handeling authentication requests. WLAN controller is currently set to WAP2(802.1x), Radius Auth and Accounting servers IP's are set and pingable. Does anyone know of any good documentation to configure WLAN controller to do this?
WLAN Controller Log Reads:
[SECURITY] 1x_auth_pae.c 2367: Reached Max EAP-Identity Request retries (21) for STA xx:xx:xx:xx:xx:xx
Tue Nov 7 08:41:07 2006 [ERROR] dot1x_msg_task.c 357: mscb not found for STA xx:xx:xx:xx:xx:xx - unable to process 802.1x event 4
Tue Nov 7 08:41:07 2006 Previous message occurred 3 times
I have actually already looked through this power point. It is great information for setting up the IAS server. I believe that the IAS server is set up correct. I am looking for documentation on how to set up the WLAN controller /Client for RADIUS PEAP authentication and accounting.
I am finally getting a chance to get back to this issue. I do not know what version I am running (Brand new 4402 WLAN controller). However the 3.2 steps seemed to make sense. I am fairly confident that the Authentication request isn't even making it to the IAS server. I used Etherreal and saw no packets using the specified Radius ports. I keep turning back to the controller settings as being the cause of the issue.
I have set up an interface on the WLAN controller using the 10.0.203.0/24 subnet. I have set up an Authentication / Accounting server up on the same subnet. My access points are broadcasting a SSID that uses DHCP to provide addresses on this same subnet.
Questions that I still have
1) Do I set up the WLAN controllers 10.0.203.X interface rather than the AP's interface in IAS under Radius Clients?
2.) What does the AAA overide do in the WLAN settings?
3.) Do I need to have the Use AES key wrap box checked under the Authentication server page?
4.)Do the Radius servers need to be on the same subnet as the managment interface to work properly?
5.)Do I need to create some sort of AP group or AP authentication group on the WLAN controller?