Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Single local Radius in a Wireless ennvoirement

Hi

I have 3 AccessPoints 1242AG running on the same subnet. To keep it simple I configured only one AccessPoint acting as a Radiuserver and on the other 2 AccessPoints I point to the correct AccessPoint(the one with the Radius configured). But when I try to connect with the client to one of the 2 AccessPoints I recieve these messages:

*Mar 1 03:18:43.310: %DOT11-7-AUTH_FAILED: Station 0040.96a2.d736 Authentication failed

*Mar 1 03:20:38.271: %RADIUS-4-RADIUS_DEAD: RADIUS server 10.50.1.207:1812,1813 is not responding.

*Mar 1 03:20:38.271: %RADIUS-4-RADIUS_ALIVE: RADIUS server 10.50.1.207:1812,1813 has returned.

*Mar 1 03:20:48.735: %DOT11-7-AUTH_FAILED: Station 0013.cec6.fa80 Authentication failed

I already checked the shared secret of the Radius. Is it a timeout or what's the problem?

Regards

Peter

3 REPLIES
Green

Re: Single local Radius in a Wireless ennvoirement

What version of IOS are you running on the three APs?

Also keep in mind that the AP processor's priority is moving traffic; if the AP is busy handling a traffic load, it may not have time to handle RADIUS requests (liek "not responding" followed by "Returned")

Try shutting down the radio on the RADIUS-serving AP and see if you get these messages. If the AP is also acting as a WDS Master, try moving the RADIUS to another AP ... distribute the processing load as much as possible.

What flavor of authentication are you using the RADIUS for (PEAP, LEAP, MAC ...)?

Let us know

Scott

New Member

Re: Single local Radius in a Wireless ennvoirement

Hi Scott

All AccessPoints are running IOS 12.3(8)JA2.

I already turned of the radio on the RADIUS-serving AccessPoint as I'm in a lab and the AccessPoints are beside each other. I authenticate LEAP and MAC on the RADIUS. There can't be any load on the AccessPoints, as there is at the moment just one client tryint to connect. Just for information: When I connect to the RADIUS- serving AccessPoint it works fine.

Regards Peter

New Member

Re: Single local Radius in a Wireless ennvoirement

Hi

I figured it out! I forgot to configure all AccessPoints as nas on the RADIUS-serving AccessPoint.

Now it works fine.

Thanks anyway!

Regard Peter

120
Views
0
Helpful
3
Replies