I'm attempting to setup a 1200 AP with 12.2(13)JA1 to locally authenticate WDS, but to have LEAP clients authenticate back to the ACS Server. I first get client auth working to the ACS server, then add the WDS config. At this point WDS registers correctly, but clients can no longer authenticate.
Is this a invalid design or a bug?
aaa group server radius rad_eap
server 10.1.0.3 auth-port 1645 acct-port 1646
aaa group server radius wlse_infra_rad
server 10.1.0.30 auth-port 1812 acct-port 1813
aaa authentication login eap_methods group rad_eap
aaa authentication login method_wlse_infra_rad group wlse_infra_rad
aaa authorization exec default local
aaa accounting network acct_methods start-stop group rad_acct
First let me state that I have only configured WDS once on 2 AP's for testing. So I am no expert.
But it seemed like I had to configure the WDS server groups. One for infrastructure authentication for the AP's. Then a second WDS server group for client authentication. I'm not sure if this is the required configuration, but that's the only way I got both clients and AP's to authenticate.
Transferring Crash file from standby:
Login to the Active WLC in HA.
(Cisco Controller) >transfer upload datatype crash
(Cisco Controller) >transfer upload filename <Desired filename>
(Cisco Controller) >transfer up...
This is the start of a display filter cross reference between Wireshark and OmniPeek.
The 1st installment is a table of advanced filters. More filters will be added as time allows.
It is a living doc, so check back for changes every so often
Please feel ...
I have created a Powershell script to automatically add a Wireless Guest User on Cisco WLCs. (tested on 2500 Series)
The script should be completely self explanatory.
Powershell SNMP Module (Install-Module -Name SNMP)
SNMP Write Access to...