And I am able to connect (with full IP Connectivity) to the SSID called VLAN20 using WPA2 Enterprise with the username me and the password me if I select LEAP as the 802.1x Authentication method on the client.
However when I add "user f0b47916ce1f password f0b47916ce1f mac-auth-only" under my local radius server, I can no longer establish IP Connecitivity. I've tried a few different clients to no avail.
On the access point I see this:
*Mar 1 02:22:34.343: RADIUS(000000EA): Send Access-Request to 192.168.1.2:1812 id 1645/234, len 126
*Mar 1 02:22:34.343: RADIUS: authenticator 7A 5E 53 68 CE CC BA 98 - 63 47 62 CE 6F 11 BA 0C
*Mar 1 02:24:29.967: RADIUS: Received from id 1645/234 192.168.1.2:1812, Access-Accept, len 116
shortly followed with "*Mar 1 02:25:35.059: %DOT11-7-AUTH_FAILED: Station f0b4.7916.ce1f Authentication failed".
Which looks like the client is not sending the password as it's mac address, should it be? however it does seem to know to send the username as it's mac address (previously this was "me").
If I remove the user with this laptops mac address, I can connect again with the username "me". But I would like to try this out with mac addresses as well since the RADIUS server will be in a central location by the end.
Anyone else had experience configuring this? or had this problem before? I've read over the same few PDFs on the cisco website and can't see where i'm going wrong!
Ok i've tried removing "mac-auth-only" from the end as suggested, still getting the same results unfortuantely :/
Thanks for the suggestion though.
This AP doesn't seem to have a proper web interface, perhaps soemone with a dedicated Aironet AP could set this up from the web interface and post what CLI commands were generated into the running-config.
Transferring Crash file from standby:
Login to the Active WLC in HA.
(Cisco Controller) >transfer upload datatype crash
(Cisco Controller) >transfer upload filename <Desired filename>
(Cisco Controller) >transfer up...
This is the start of a display filter cross reference between Wireshark and OmniPeek.
The 1st installment is a table of advanced filters. More filters will be added as time allows.
It is a living doc, so check back for changes every so often
Please feel ...
I have created a Powershell script to automatically add a Wireless Guest User on Cisco WLCs. (tested on 2500 Series)
The script should be completely self explanatory.
Powershell SNMP Module (Install-Module -Name SNMP)
SNMP Write Access to...