Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Users might experience few discrepancies in Search results. We are working on this on our side. We apologize for the inconvenience it may have caused.

Autonomous AP with EAP and NPS Windows 2008R2

Hello,

 

I'm trying to configure ( three days and nothing :sad ) an autonomous AP with EAP authentication. The AP is a 1600 with software Version 15.2(2)JB2 and the RADIUS NPS is a Windows 2008R2.

When the client tries to authenticate, I get the following error on the AP:


Jun 12 11:39:13.945: RADIUS/ENCODE(00000062):Orig. component type = DOT11
Jun 12 11:39:13.945: RADIUS:  AAA Unsupported Attr: ssid              [347] 2   
Jun 12 11:39:13.945: RADIUS:  AAA Unsupported Attr: service-type      [345] 4   1
Jun 12 11:39:13.945: RADIUS:  AAA Unsupported Attr: interface         [222] 3   

Jun 12 11:39:13.945: RADIUS:   32                 [ 2]
Jun 12 11:39:13.945: RADIUS(00000062): Config NAS IP: 172.16.254.116
Jun 12 11:39:13.945: RADIUS(00000062): Config NAS IPv6:
Jun 12 11:39:13.945: RADIUS/ENCODE(00000062): acct_session_id: 87
Jun 12 11:39:13.945: RADIUS(00000062): Config NAS IP: 172.16.254.116
Jun 12 11:39:13.945: RADIUS(00000062): sending
Jun 12 11:39:13.945: RADIUS(00000062): Send Access-Request to 172.16.0.32:1812 id 1645/16, len 176
Jun 12 11:39:13.945: RADIUS:  authenticator 22 42 80 A5 A5 A3 1B 9C - 3C 79 68 45 58 6E BF 0D
Jun 12 11:39:13.945: RADIUS:  User-Name           [1]   28  "host/WM-WSUS-998.empresa.local"
Jun 12 11:39:13.945: RADIUS:  Framed-MTU          [12]  6   1400                      
Jun 12 11:39:13.945: RADIUS:  Called-Station-Id   [30]  22  "2C-3E-CF-0B-BF-60:1A"
Jun 12 11:39:13.945: RADIUS:  Calling-Station-Id  [31]  16  "001e.58a2.ba4b"
Jun 12 11:39:13.945: RADIUS:  Service-Type        [6]   6   Login                     [1]
Jun 12 11:39:13.945: RADIUS:  Message-Authenticato[80]  18  
Jun 12 11:39:13.945: RADIUS:   FF FB F9 0F BB 98 02 E3 19 71 EC DF 94 D6 13 A6                 [ q]
Jun 12 11:39:13.945: RADIUS:  EAP-Message         [79]  33  
Jun 12 11:39:13.945: RADIUS:   02 02 00 1F 01 68 6F 73 74 2F 57 4D 2D 57 53 55 53 2D 39 39 38  [host/WM-WSUS-998]
Jun 12 11:39:13.945: RADIUS:   2E 63 62 61 2E 6C 6F 63 61 6C        [ .empresa.local]
Jun 12 11:39:13.945: RADIUS:  NAS-Port-Type       [61]  6   802.11 wireless           [19]
Jun 12 11:39:13.945: RADIUS:  NAS-Port            [5]   6   277                       
Jun 12 11:39:13.945: RADIUS:  NAS-Port-Id         [87]  5   "277"
Jun 12 11:39:13.945: RADIUS:  NAS-IP-Address      [4]   6   172.16.254.116            
Jun 12 11:39:13.945: RADIUS:  Nas-Identifier      [32]  4   "ap"
Jun 12 11:39:13.945: RADIUS(00000062): Sending a IPv4 Radius Packet
Jun 12 11:39:13.945: RADIUS(00000062): Started 5 sec timeout
Jun 12 11:39:13.949: RADIUS: Received from id 1645/16 172.16.0.32:1812, Access-Reject, len 44
Jun 12 11:39:13.949: RADIUS:  authenticator 7E 87 33 D9 2C 29 15 87 - 54 75 9A A2 A2 3E 63 08
Jun 12 11:39:13.949: RADIUS:  EAP-Message         [79]  6   
Jun 12 11:39:13.949: RADIUS:   04 02 00 04
Jun 12 11:39:13.949: RADIUS:  Message-Authenticato[80]  18  
Jun 12 11:39:13.949: RADIUS:   89 B3 79 93 B1 C5 2B 9D 43 A2 65 AE 9C 04 91 A4              [ y+Ce]
Jun 12 11:39:13.953: RADIUS(00000062): Received from id 1645/16
Jun 12 11:39:13.953: RADIUS/DECODE: EAP-Message fragments, 4, total 4 bytes
Jun 12 11:39:13.953: %DOT11-7-AUTH_FAILED: Station 001e.58a2.ba4b Authentication failed
Jun 12 11:39:14.973: RADIUS/ENCODE(00000063):Orig. component type = DOT11
Jun 12 11:39:14.973: RADIUS:  AAA Unsupported Attr: ssid              [347] 2   
Jun 12 11:39:14.973: RADIUS:  AAA Unsupported Attr: service-type      [345] 4   1
Jun 12 11:39:14.973: RADIUS:  AAA Unsupported Attr: interface         [222] 3   

Jun 12 11:39:14.973: RADIUS:   32                 [ 2]
Jun 12 11:39:14.973: RADIUS(00000063): Config NAS IP: 172.16.254.116
Jun 12 11:39:14.973: RADIUS(00000063): Config NAS IPv6:
Jun 12 11:39:14.973: RADIUS/ENCODE(00000063): acct_session_id: 88
Jun 12 11:39:14.973: RADIUS(00000063): Config NAS IP: 172.16.254.116
Jun 12 11:39:14.973: RADIUS(00000063): sending
Jun 12 11:39:14.973: RADIUS(00000063): Send Access-Request to 172.16.0.32:1812 id 1645/17, len 158
Jun 12 11:39:14.973: RADIUS:  authenticator 1D BA 6B A3 29 E2 0C AE - AA AA EC FD 14 2F CD 24
Jun 12 11:39:14.973: RADIUS:  User-Name           [1]   19  "Empresa\User"
Jun 12 11:39:14.973: RADIUS:  Framed-MTU          [12]  6   1400                      
Jun 12 11:39:14.973: RADIUS:  Called-Station-Id   [30]  22  "2C-3E-CF-0B-BF-60:1A"
Jun 12 11:39:14.973: RADIUS:  Calling-Station-Id  [31]  16  "001e.58a2.ba4b"
Jun 12 11:39:14.973: RADIUS:  Service-Type        [6]   6   Login                     [1]
Jun 12 11:39:14.973: RADIUS:  Message-Authenticato[80]  18  
Jun 12 11:39:14.973: RADIUS:   27 0E 57 4F 94 F1 A4 C2 A2 D7 CE 18 7C 2A B9 AF             [ 'WO|*]
Jun 12 11:39:14.973: RADIUS:  EAP-Message         [79]  24  
Jun 12 11:39:14.973: RADIUS:   02 02 00 16 01 43 42 41 5C 50 65 64 72 6F 2E 41 6C 6D 65 69 64  [Empresa\User]
Jun 12 11:39:14.973: RADIUS:   61                 [ a]
Jun 12 11:39:14.973: RADIUS:  NAS-Port-Type       [61]  6   802.11 wireless           [19]
Jun 12 11:39:14.973: RADIUS:  NAS-Port            [5]   6   278                       
Jun 12 11:39:14.973: RADIUS:  NAS-Port-Id         [87]  5   "278"
Jun 12 11:39:14.973: RADIUS:  NAS-IP-Address      [4]   6   172.16.254.116            
Jun 12 11:39:14.973: RADIUS:  Nas-Identifier      [32]  4   "ap"
Jun 12 11:39:14.973: RADIUS(00000063): Sending a IPv4 Radius Packet
Jun 12 11:39:14.973: RADIUS(00000063): Started 5 sec timeout
Jun 12 11:39:14.977: RADIUS: Received from id 1645/17 172.16.0.32:1812, Access-Challenge, len 90
Jun 12 11:39:14.977: RADIUS:  authenticator B0 3A 94 27 69 48 8A 39 - 71 DB 7C A3 6F B1 47 19
Jun 12 11:39:14.977: RADIUS:  Session-Timeout     [27]  6   30                        
Jun 12 11:39:14.977: RADIUS:  EAP-Message         [79]  8   
Jun 12 11:39:14.977: RADIUS:   01 03 00 06 19 20                 [  ]
Jun 12 11:39:14.977: RADIUS:  State               [24]  38  
Jun 12 11:39:14.977: RADIUS:   21 0E 03 C7 00 00 01 37 00 01 02 00 AC 10 00 20 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 30 7B 20 F6 EE            [ !7 0{ ]
Jun 12 11:39:14.977: RADIUS:  Message-Authenticato[80]  18  
Jun 12 11:39:14.977: RADIUS:   C3 8B 89 69 C7 7B 57 72 67 A5 8F B2 2C 84 44 7C          [ i{Wrg,D|]
Jun 12 11:39:14.977: RADIUS(00000063): Received from id 1645/17
Jun 12 11:39:14.977: RADIUS/DECODE: EAP-Message fragments, 6, total 6 bytes
Jun 12 11:39:14.985: RADIUS/ENCODE(00000063):Orig. component type = DOT11
Jun 12 11:39:14.985: RADIUS:  AAA Unsupported Attr: ssid              [347] 2   
Jun 12 11:39:14.985: RADIUS:  AAA Unsupported Attr: service-type      [345] 4   1
Jun 12 11:39:14.985: RADIUS:  AAA Unsupported Attr: interface         [222] 3   

Jun 12 11:39:14.985: RADIUS:   32                 [ 2]
Jun 12 11:39:14.985: RADIUS(00000063): Config NAS IP: 172.16.254.116
Jun 12 11:39:14.985: RADIUS(00000063): Config NAS IPv6:
Jun 12 11:39:14.985: RADIUS/ENCODE(00000063): acct_session_id: 88
Jun 12 11:39:14.985: RADIUS(00000063): Config NAS IP: 172.16.254.116
Jun 12 11:39:14.985: RADIUS(00000063): sending
Jun 12 11:39:14.985: RADIUS(00000063): Send Access-Request to 172.16.0.32:1812 id 1645/18, len 279
Jun 12 11:39:14.985: RADIUS:  authenticator BE 87 70 F0 26 CF FC 41 - 02 10 8D 7C CD 40 D1 12
Jun 12 11:39:14.985: RADIUS:  User-Name           [1]   19  "Empresa\User"
Jun 12 11:39:14.985: RADIUS:  Framed-MTU          [12]  6   1400                      
Jun 12 11:39:14.985: RADIUS:  Called-Station-Id   [30]  22  "2C-3E-CF-0B-BF-60:1A"
Jun 12 11:39:14.985: RADIUS:  Calling-Station-Id  [31]  16  "001e.58a2.ba4b"
Jun 12 11:39:14.985: RADIUS:  Service-Type        [6]   6   Login                     [1]
Jun 12 11:39:14.985: RADIUS:  Message-Authenticato[80]  18  
Jun 12 11:39:14.985: RADIUS:   63 30 E2 67 34 27 2D 93 C2 BD 0E F8 B0 E2 2D EF           [ c0g4'--]
Jun 12 11:39:14.985: RADIUS:  EAP-Message         [79]  107
Jun 12 11:39:14.985: RADIUS:   02 03 00 69 19 80 00 00 00 5F 16 03 01 00 5A 01 00 00 56 03 01 53 99 BB 5F 6E 1D 89 61 75 51 D9 7C C3 55 88 C7 E8 DF 37 E9 EB 1D 8C 21 09 0D 8C C5 59 47  [i_ZVS_nauQ|U7!YG]
Jun 12 11:39:14.985: RADIUS:   AD B1 00 00 18 00 2F 00 35 00 05 00 0A C0 13 C0 14 C0 09 C0 0A 00 32 00 38 00 13 00 04 01 00 00 15 FF 01 00 01 00 00 0A 00 06 00 04 00 17 00 18 00 0B 00 02 01 00              [ /528]
Jun 12 11:39:14.985: RADIUS:  NAS-Port-Type       [61]  6   802.11 wireless           [19]
Jun 12 11:39:14.985: RADIUS:  NAS-Port            [5]   6   278                       
Jun 12 11:39:14.985: RADIUS:  NAS-Port-Id         [87]  5   "278"
Jun 12 11:39:14.985: RADIUS:  State               [24]  38  
Jun 12 11:39:14.985: RADIUS:   21 0E 03 C7 00 00 01 37 00 01 02 00 AC 10 00 20 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 30 7B 20 F6 EE            [ !7 0{ ]
Jun 12 11:39:14.985: RADIUS:  NAS-IP-Address      [4]   6   172.16.254.116            
Jun 12 11:39:14.989: RADIUS:  Nas-Identifier      [32]  4   "ap"
Jun 12 11:39:14.989: RADIUS(00000063): Sending a IPv4 Radius Packet
Jun 12 11:39:14.989: RADIUS(00000063): Started 5 sec timeout
Jun 12 11:39:19.597: RADIUS(00000063): Request timed out
Jun 12 11:39:19.597: RADIUS: Retransmit to (172.16.0.32:1812,1813) for id 1645/18
Jun 12 11:39:19.597: RADIUS(00000063): Started 5 sec timeout
Jun 12 11:39:23.981: RADIUS(00000063): Request timed out
Jun 12 11:39:23.981: RADIUS: Retransmit to (172.16.0.32:1812,1813) for id 1645/18
Jun 12 11:39:23.981: RADIUS(00000063): Started 5 sec timeout
Jun 12 11:39:28.365: RADIUS(00000063): Request timed out
Jun 12 11:39:28.365: RADIUS: Retransmit to (172.16.0.32:1812,1813) for id 1645/18
Jun 12 11:39:28.365: RADIUS(00000063): Started 5 sec timeout
Jun 12 11:39:33.005: RADIUS(00000063): Request timed out
Jun 12 11:39:33.005: RADIUS: Retransmit to (172.16.0.32:1812,1813) for id 1645/18
Jun 12 11:39:33.005: RADIUS(00000063): Started 5 sec timeout
Jun 12 11:39:37.389: RADIUS(00000063): Request timed out
Jun 12 11:39:37.389: RADIUS: Fail-over denied to  (172.16.0.32:1812,1813) for id 1645/18
Jun 12 11:39:37.389: RADIUS: No response from (172.16.0.32:1812,1813) for id 1645/18
Jun 12 11:39:37.389: RADIUS/DECODE: No response from radius-server; parse response; FAIL
Jun 12 11:39:37.389: RADIUS/DECODE: Case error(no response/ bad packet/ op decode);parse response; FAIL

 

 

1 ACCEPTED SOLUTION

Accepted Solutions

Refer; https://supportforums

Refer; https://supportforums.cisco.com/discussion/12047736/rras-authentication-and-aironet-1600

2 REPLIES

Refer; https://supportforums

Refer; https://supportforums.cisco.com/discussion/12047736/rras-authentication-and-aironet-1600

Thanks for help Saurav, I

Thanks for help Saurav,

 

I solved this problem.

https://supportforums.cisco.com/discussion/12047736/rras-authentication-and-aironet-1600

 

 

423
Views
0
Helpful
2
Replies
CreatePlease to create content