Help with inconsistant MAC authentication on AP1200's
I am troubleshooting an issue with a wireless LAN that consists of 9 identical 1200 series AP's. All 9 AP's are configured the same except for IP and Hostname. There are 74 Wireless users at this site, they are required to authenticate to the AP's using a WEP key + MAC. All 74 MAC addresses have been entered into the access points manually from the command line.
The problem we are having is that as the number of MAC address has grown, an increasing number of the clients can no longer authenticate. They associate OK but are unable to authenticate and pick up an IP address. It also seems that the further down the list of MAC addresses in the list the client is, the more likely the problem is to happen.
Example: New Acer laptop MAC address is entered into the local database and appears at the end of the list. This laptop will not authenticate. when this MAC is entered in a fashion that places it at the top of the list, it will authenticate without any problems. This may or may not cause one of the previously entered MAC's which was authenticating to loose its ability to authenticate as it has now been bumped further down the list of MAC addresses in the local database.
I have read that MAC addresses should be entered using the CLI due to an issue that only allows the first 43 MACS to be entered from the GUI. We have been entering all MACS from the CLI as follows:
Re: Help with inconsistant MAC authentication on AP1200's
Based on experienced, if more wifi clients exists in the network, it's recommended to use external authentication database like Cisco Secure ACS.
Like you mentioned, web-brower only allows you to enter the first 43 MACs. If you have more than that, you need to use CLI which support max of 2,048 MACs. But to have hundreds of MACs in every APs is a huge task, and less practical.
With Cisco Secure ACS, it allows you to eliminate AP's authentication-related issues, managed the user database and helps network admin to manage the wifi services efficiently.
Transferring Crash file from standby:
Login to the Active WLC in HA.
(Cisco Controller) >transfer upload datatype crash
(Cisco Controller) >transfer upload filename <Desired filename>
(Cisco Controller) >transfer up...
This is the start of a display filter cross reference between Wireshark and OmniPeek.
The 1st installment is a table of advanced filters. More filters will be added as time allows.
It is a living doc, so check back for changes every so often
Please feel ...
I have created a Powershell script to automatically add a Wireless Guest User on Cisco WLCs. (tested on 2500 Series)
The script should be completely self explanatory.
Powershell SNMP Module (Install-Module -Name SNMP)
SNMP Write Access to...