I?m not sure if I have a hardware issue, or doing something fundamentally wrong with the way in which I?m configuring my WLAN. I?ve asked the server administrator to reboot the server today just in case it is a windows issue.
I?m getting no IAS / RADIUS requests in the system event log on the server, and the following reported in the log on the WLAN controller;
Log System Time Trap
0 Thu Dec 7 18:18:30 2006 RADIUS server 10.115.12.20:1812 failed to respond to request (ID 152) for client 00:0e:35:f8:5d:13 / user 'unknown'
1 Thu Dec 7 18:18:18 2006 RADIUS server 10.115.12.20:1812 failed to respond to request (ID 151) for client 00:0e:35:f8:5d:13 / user 'unknown'
4 x 1030 AP?s
1 x 4402 WLAN controller
2 x 3560 PoE switches
1 x w2k3 with IAS installed.
1 x secure WLAN (using ms-chap-v2)
1 x guest WLAN (just web authentication)
Wired LAN (where wired users and w2k3 server is located)
10.115.12.0 /24 (VLAN 201)
192.168.252.x /24 (VLAN 99 ? layer 2)
10.115.12.0 /24 (VLAN 201)
172.16.31.x /24 (VLAN 60)
W2k3 / IAS server 10.115.12.20
I have setup routing on the 3560?s between the VLANs, and able to ping from the WLAN controller to the server and vice versa, but this is not always the case ? which makes me think it may be hardware or the server needing a reboot.
Please can someone help me as spent two days on this, updated the code on the WLAN controller to 188.8.131.52 is an attempt to resolve, but didn?t help.
I?m not sure if it is routing, but seems to be very strange. I can also ping from the wired LAN to the SVI on the 3560 (172.16.31.1, but not always to the management on 172.16.31.30).
I also have the Guest WLAN getting IP addresses from a local scope on the WLAN controller as these did not hit the w2k3 server either.
I will attach config extracts for a better explanation.
I think since the RADIUS server says the user is unknown, the username and password configuration or any other credentials of the user should be the problem. Ensure whether the username and password are the same on both the client and IAS Server.
Ensure that the problem is only with this particular client and the request successfully passes for the other clients.fi the RADIUS request is able to reach the server, then I dont thnik there is a routing issue. Try pinging the receive route from the server till the client for confirming the connectivity.
Hi, i think i have a similar problem with the authentication, I hope you solved it and help me , I have these messages in the controller (attached txt). It seems that just the client cant receive the authentication but we've checked the server and everything there its ok so maybe the problem is with the controller.
To resolve me issue, I created a separate subnet for both the wired and wireless users to resolve. (wouldn't work on the same ip subnet).
Suspect it would be good to check you are running and up to date version of code on the WLC as well. (at least version 4.1.x)
Other things to check is that if your using the intel chipset on laptops, ie the 2200BG or 3945ABG there is a setting for roaming agressiveness which could mean the client roams to another ap before completing the authentication. you can adjust this in the intel proset client software.
Transferring Crash file from standby:
Login to the Active WLC in HA.
(Cisco Controller) >transfer upload datatype crash
(Cisco Controller) >transfer upload filename <Desired filename>
(Cisco Controller) >transfer up...
This is the start of a display filter cross reference between Wireshark and OmniPeek.
The 1st installment is a table of advanced filters. More filters will be added as time allows.
It is a living doc, so check back for changes every so often
Please feel ...
I have created a Powershell script to automatically add a Wireless Guest User on Cisco WLCs. (tested on 2500 Series)
The script should be completely self explanatory.
Powershell SNMP Module (Install-Module -Name SNMP)
SNMP Write Access to...