Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Client fails to authenticate on infrastructure AP

Hi all,

here is the setup we have:

25 APs using two WDSes(one backup) authenticating using LEAP (all correctly registered), using ACS 4.2. Clients are authenticating using WPA2/AES/PEAP/MS-CHAPv2.

Normally, it work fine, for most of the clients. Then, numerous authentication fail, no log on ACS, WDS says either pass or nothing, infrastructure AP reports authentication failed. Sometimes during traffic monitoring using Wireshark, we see that AP sends a request to WDS but gets no response from it. Sometimes AP reports Authentication failed witout visible contact of the WDS (debug does give us anything).

We are using 12.3 (8) JEC1 on all APs. You can see a lot of sometimes, as we can not replicate the problem 1 on 1, it is just what we extract when we try many times. We have added the following changes fro the recomended configuration:

dot1x timeout supp-response 90

dot1x timeout supp-response 120 local

radius-server timeout 20

removed ARP dot11 cache, as we have many machines with network enabled with wireless at the same time.

Any thoughts/comments are welcome.

regards,

Vladan

1 REPLY
Bronze

Re: Client fails to authenticate on infrastructure AP

Here is the URL For the authentication in ACS and also contains Monitoring & Report Viewer Troubleshooting

Follow the steps it may help you

http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_system/5.0/user/guide/EAP_PAP_Phase.html

219
Views
0
Helpful
1
Replies