I have AP 1200's, ACS 3.1 and XP machines (all with SP1 or better) The laptop that I use, has a Cisco Aironet card (350) and works just fine. I can authenticate with NDS using LEAP or PEAP.
However, the new IBM machines using internal "high rate wireless LAN" cards aren't playing well with my network. I'm setting them up for our library, and none will pass authentication. They always fail.
I have imported a Thawte certificate into our ACS server. Can anyone please give me some advice?
These "high rate" cards what standard are they ? 802.11a b or g ??
If they are 802.11a then you need a 802.11a radio installed in your AP1200 and it is configured as a seperate radio so you will need to also configure it in a similar way you have already for your 802.11b radio
If the cards are 802.11g then you need to makesure they are set to 11Mbps and are in compatable with 802.11b mode (should be by default but not all are) You then need to make sure these cards support 802.1x
If they are then run the EAP debugs on the AP to see what is happening
Any luck? We have the same kind of issue when using IBM laptops with external/internal cisco client adapters -a/b/g. Any other make Laptops works fine.The 1200 Series APs are properly configured but we are using PEAP with Radius.Any advice? Thanks in advance.
It may be that the laptops need Microsoft XP Service Pack 2.
I have some users with internal NICs (built-in / Centrino or similar) that wouldn't even pass with WPA-PSK (these were HP/Compaq). I checked the manufacturer web site and they specifically say that SP2 is needed for WPA.
I tested it with similar NICs in my own laptop. They wouldn't pass on SP1, and they hooked right up with SP2, even using the NIC vendor's application.
...and, for those that may not be aware, SP2 loads a new MS firewall and defaults it to "everything shutdown." Read about it and the other "features" on the MS site before loading SP2 so you'll know where to start chasing the problems. For the firewall, you can shut it down using a new icon in the control panel.
Transferring Crash file from standby:
Login to the Active WLC in HA.
(Cisco Controller) >transfer upload datatype crash
(Cisco Controller) >transfer upload filename <Desired filename>
(Cisco Controller) >transfer up...
This is the start of a display filter cross reference between Wireshark and OmniPeek.
The 1st installment is a table of advanced filters. More filters will be added as time allows.
It is a living doc, so check back for changes every so often
Please feel ...
I have created a Powershell script to automatically add a Wireless Guest User on Cisco WLCs. (tested on 2500 Series)
The script should be completely self explanatory.
Powershell SNMP Module (Install-Module -Name SNMP)
SNMP Write Access to...