Cisco Support Community
Community Member

Network EAP and MS RADIUS / CA

Ok, I have been going crazy for 3 days now trying to get 2 Aironet 1310 AP/Bridges to connect the Root Bridge and Non-Root Bridge using Microsoft CA, Microsoft RADIUS and network EAP. I don't know if I'm just not getting it or what. The Non-Root bridge keeps indicating "Interface Dot11Radio0, cannot associate: EAP authenticating" and on the RADIUS server, I am getting in the event log for IAS "The client could not be authenticated because the Extensible Authentication Protocol (EAP) Type cannot be processed by the server."

I have repeatedly enrolled the non-root bridge with the MS CA with the MSCEP extensions installed but the non-root bridge does not seem to get the certificate from the server.

So what I really am asking, does anyone know of any documentation on how to configure a point to point WLAN using MS Certificate Authority, MS RADIUS and network EAP?


Re: Network EAP and MS RADIUS / CA

Hi Doug,

best source for documentation, setup guides

And he has one there specifically for PEAP setup to an IAS server. Very nice walk through on it.

Or in the Cisco Web page.

Of course Cisco uses the ACS, but this document gives you a good overview about the CA, APs and authentication.

Best regards,


P.S. Please rate helpfull posts

Community Member

Re: Network EAP and MS RADIUS / CA has great information for configuring Access Points for client connectivity. What I am looking for is non-root bridge connecting to root bridge only, no clients at all.

I can get WPAv2 with PSK working just fine but what I want is to secure it as much as possible. Perhaps I don't understand the Cisco Aironet products well enough to know how to do this.


Re: Network EAP and MS RADIUS / CA

What kind of EAP are you using?

IAS doesn't support LEAP or EAP-Fast.

You can do EAP-TLS, MD5, PEAP, MAC, EAP-TTLS ... but MS doesn't do LEAP or EAP-Fast.

Good Luck


CreatePlease to create content