Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

WDS authentication to Microsoft IAS

Hi All

I have just set up a EAP-TLS WPA2 wireless LAN for a client and all works fine, authticating users to IAS.

However I am trying to now setup WDS and am finding that the APs are not authticating nor is the WDS AP.

I have set this up many times with an ACS server and have never had issues. The documentation indicates that the WDS authentication is via LEAP so is that why it is not working?

Not being that familiar with IAS can it support LEAP authentications?

My Plan today is to set an AP up as a local raduis and send Infrustucture authentications to it but still send user authtications to the IAS.

Any advice would be appreciated.

Regards

Colin

7 REPLIES
Green

Re: WDS authentication to Microsoft IAS

Microsoft IAS does not support LEAP or EAP-FAST.

The local RADIUS server in the AP does, but you are limited to 50 usernames, 50 NAS, or any combination adding up to 50.

IAS does support EAP-TLS and PEAP (with MS-CHAPv2).

Good Luck

Scott

New Member

Re: WDS authentication to Microsoft IAS

Hi, I have a problem with radius authentication, I'm using IAS server, PEAP (with MS-CHAPv2), AP1231G, Active directory and CA (certificates), my problem is when wireless client try to connect to de network, the IAS server reject the client.

Any people could help me ?

Guillermo.

New Member

Re: WDS authentication to Microsoft IAS

Firstly dont worry, the combination you have above does work - there will be a config problem somewhere.

What does the IAS log in the Windows event log (System, source = IAS) say?. If there is no entry then check that the root certificate and clocks are set correctly on the clients.

Have a quick look at http://www.microsoft.com/technet/prodtechnol/windowsserver2003/library/ServerHelp/60fa5de5-58a0-4673-be1e-dd24fb1014a4.mspx

New Member

Re: WDS authentication to Microsoft IAS

I have a very similar configuration that is not working with IAS. I have PEAP setup using MS-CHAPv2, but when the access point sends the credentials to the IAS server, it is coming in as CHAP and not MS-CHAPv2! I get an access denied from IAS stating invalid username or password and a failed login in the security log saying that the user cannot log on to this computer. My user account is valid and works already. Any ideas?

New Member

Re: WDS authentication to Microsoft IAS

Could be a few different things. What is the client? If it is the Intel 2200 chipset getting the correct driver is key. Make sure the client config section that says "verify server certificate" is NOT checked. Hope this helps.

g

New Member

Re: WDS authentication to Microsoft IAS

Thanks, yes the client is a Intel 2200 and other brands. I have advanced, I´d had problem with the certificates, now I use PEAP authentication and WPA/TKIP encryption, but when I want to use WPA/AES to encryption, the Access Point console give me an error:

"Client (mac address) WPAIE not found and required"

What it this ????

New Member

Re: WDS authentication to Microsoft IAS

I resolved my problem with a hotfix in windows XP, the hotfix is KB893357, this support WPAv2.

Guillermo.

221
Views
0
Helpful
7
Replies
CreatePlease to create content