I am currently in the process of testing WPA2 secured wireless LAN with a MAC filter hosted on the very same ACS server, which is used for user authentication. The MACs themselves however are not hosted on the ACS but stored on an LDAP server. I got it to work without issues when using say a 5508.
The ACS log only said that the user authentication failed, but no further reason.
I did a debug on the whole communication between the 5760 to the ACS to the LDAP server and noticed one difference. The packet capture revealed that the password send along with the LDAP bind request when authenticating over the 5760 is not the same as the one using a 5508. It seems to be scrambled. Subsequently I wanted to know what happens, when using the ACS directly as the MAC hoster. Did not work either. I suspect something similar here as well. Unfortunately I cannot directly view the clear text user-password attribute in the RADIUS request, as it is encrypted.
Did anyone else stumble upon this pitfall and managed to get it to work?
Transferring Crash file from standby:
Login to the Active WLC in HA.
(Cisco Controller) >transfer upload datatype crash
(Cisco Controller) >transfer upload filename <Desired filename>
(Cisco Controller) >transfer up...
This is the start of a display filter cross reference between Wireshark and OmniPeek.
The 1st installment is a table of advanced filters. More filters will be added as time allows.
It is a living doc, so check back for changes every so often
Please feel ...
I have created a Powershell script to automatically add a Wireless Guest User on Cisco WLCs. (tested on 2500 Series)
The script should be completely self explanatory.
Powershell SNMP Module (Install-Module -Name SNMP)
SNMP Write Access to...