Buy or Renew
Buy or Renew
Cisco Virtual Engineer generative AI bot now active in Wireless Discussion Forum. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
366
Views
0
Helpful
2
Replies

WDS issue

Rafael Jimenez
Level 4
Level 4

‎04-28-2009 12:18 PM - edited ‎07-03-2021 05:30 PM

I setup an 1240 radio with the following configuration but I don't know why it is not working … I'm getting a authentication error. I will appreciate your help.

Thanks.

aaa new-model

aaa group server radius rad_eap

server 192.168.10.111 auth-port 1645 acct-port 1646

…

…

aaa group server radius dummy

aaa authentication login eap_methods group rad_eap

aaa authentication login mac_methods local

aaa authorization exec default local

aaa accounting network acct_methods start-stop group rad_acct

aaa session-id common

dot11 vlan-name blue vlan 100

dot11 vlan-name red vlan 200

dot11 ssid blue

vlan 100

authentication open eap eap_methods

authentication network-eap eap_methods

authentication key-management wpa

…

…

username Cisco password 7 ……

…

…

interface Dot11Radio0

encryption vlan 100 mode ciphers tkip

encryption vlan 200 mode ciphers tkip

ssid blue

ssid red

station-role root

…

ip radius source-interface BVI1

radius-server local

no authentication eapfast

no authentication mac

nas 192.168.10.111 key 0 Cisco

user Cisco password 0 Cisco

!

radius-server attribute 32 include-in-access-req format %h

radius-server host 192.168.10.111 auth-port 1645 acct-port 1646 key 0 Cisco

radius-server vsa send accounting

…

…

wlccp ap username Cisco password 0 Cisco

wlccp wds priority 254 interface BVI1

debug output:

*Mar 1 00:24:11.155: WDS: WLCCP_TYPE_AAA (START) rcvd, Org = 0040.9653.d356, Rsp = 001d.7097.b8fa, Req 0040.9653.d356, id 1 auth 4 key 0

*Mar 1 00:24:11.156: WDS: WLCCP_TYPE_AAA (EAPOL) sent with Source IP = 192.168.10.111, Org = 001d.7097.b8fa, Rsp = 0040.9653.d356, Req 0040.9653.d356, auth 4, key 0

*Mar 1 00:24:11.156: WDS: WLCCP_TYPE_AAA (START) rcvd, Org = 0040.9653.d356, Rsp = 001d.7097.b8fa, Req 0040.9653.d356, id 1 auth 4 key 0

*Mar 1 00:24:11.157: WDS: WLCCP_TYPE_AAA (EAP Request) rcvd, Org = 0040.9653.d356, Rsp = 001d.7097.b8fa, Req 0040.9653.d356, id 2 auth 0 key 0

*Mar 1 00:24:11.157: WDS: WLCCP_TYPE_AAA (EAP Request) rcvd, Org = 0040.9653.d356, Rsp = 001d.7097.b8fa, Req 0040.9653.d356, id 2 auth 0 key 0

*Mar 1 00:24:11.157: WDS: WLCCP_TYPE_AAA (EAPOL) sent with Source IP = 192.168.10.111, Org = 001d.7097.b8fa, Rsp = 0040.9653.d356, Req 0040.9653.d356, auth 4, key 0

*Mar 1 00:24:11.161: WDS: WLCCP_TYPE_AAA (EAP Request) rcvd, Org = 0040.9653.d356, Rsp = 001d.7097.b8fa, Req 0040.9653.d356, id 3 auth 0 key 0

*Mar 1 00:24:11.161: WDS: WLCCP_TYPE_AAA (EAP Request) rcvd, Org = 0040.9653.d356, Rsp = 001d.7097.b8fa, Req 0040.9653.d356, id 3 auth 0 key 0

*Mar 1 00:24:11.162: WDS: WLCCP_TYPE_AAA (EAP Request) rcvd, Org = 0040.9653.d356, Rsp = 001d.7097.b8fa, Req 0040.9653.d356, id 4 auth 0 key 0

*Mar 1 00:24:11.162: WDS: WLCCP_TYPE_AAA (EAP Request) rcvd, Org = 0040.9653.d356, Rsp = 001d.7097.b8fa, Req 0040.9653.d356, id 4 auth 0 key 0

*Mar 1 00:24:11.163: WDS: WLCCP_TYPE_AAA (EAPOL) sent with Source IP = 192.168.10.111, Org = 001d.7097.b8fa, Rsp = 0040.9653.d356, Req 0040.9653.d356, auth 4, key 0

*Mar 1 00:24:11.163: WDS: DOT11_AAA_FAILURE ...

*Mar 1 00:24:11.163: WDS: WLCCP_TYPE_AAA (FINISH) sent with Source IP = 192.168.10.111, Org = 001d.7097.b8fa, Rsp = 0040.9653.d356, Req 0040.9653.d356, auth 4, key 0

*Mar 1 00:24:11.164: WDS: DOT11_AAA_FAILURE ...

*Mar 1 00:31:47.953: dot11_auth_dot1x_run_rfsm: Executing Action(SERVER_WAIT,SERVER_FAIL) for 001d.7097.b8fa

*Mar 1 00:31:47.954: dot11_auth_dot1x_send_response_to_client: Forwarding server message to client 001d.7097.b8fa

*Mar 1 00:31:47.954: EAPOL pak dump tx

*Mar 1 00:31:47.954: EAPOL Version: 0x1 type: 0x0 length: 0x0004

Labels:
0 Helpful
2 Replies 2

gamccall
Level 4
Level 4

‎04-28-2009 01:39 PM

What errors if any show up in the radius server logs?

0 Helpful

Rafael Jimenez
Level 4
Level 4

‎04-28-2009 01:47 PM

The radius is local. the ap is the radius server.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card