
WLSE can't authenticate with WDS access Points

a.vallejo
Level 1

I have WLSE v. 2.11 and there is a problem with authentication between WLSE and WDS access points. I am using Cisco secure ACS v.3,3 and the infrastructure APs are being authenticated, but the WLSE can't authenticate with WDS and it's impossible to obtain information for the reports. I appreciate your comments,

9 Replies

stschmidt
Level 1

If this is ACS version 3.3.3 there is a known bug which does not allow the completion of the authentication between WDS/WLSE. You can "debug radius" on the WDS primary device and will most likely see that there are access-request and challenges but no access-accepts. The workaround is to downgrade the ACS to 3.3.2. The fix will be in ACS 4.0.x.

If the version is not ACS 3.3.3, make sure the wlccp credentials in WLSE match what is on radius. If the version of IOS on the WDS primary is 12.3(7)JA, make sure there is a MAC address associated with the WLSE when doing a "sh arp". If there is not, you can add a static arp entry pointing the WLSE IP/ARP to the default gateway of the WDS device or configure proxy arp on the same interface.

Hope this helps.
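The check described in the reply above (access-requests and challenges but no access-accepts in "debug radius") can be scripted over pasted debug output. This is an added example, not part of the thread and not Cisco code; the sample lines are constructed, their layout is an assumption, and the verdict assumes the capture covers a single WLSE authentication attempt.

```python
import re
from collections import Counter

# Constructed sample lines, loosely modelled on IOS "debug radius" output.
# The exact layout is an assumption; only the packet-type names are relied on.
SAMPLE_STALLED = """\
*Mar  1 00:12:01.003: RADIUS(00000005): Send Access-Request to 10.0.0.5:1645 id 1645/11, len 130
*Mar  1 00:12:01.021: RADIUS: Received from id 1645/11 10.0.0.5:1645, Access-Challenge, len 76
*Mar  1 00:12:01.030: RADIUS(00000005): Send Access-Request to 10.0.0.5:1645 id 1645/12, len 144
*Mar  1 00:12:01.049: RADIUS: Received from id 1645/12 10.0.0.5:1645, Access-Challenge, len 81
"""
SAMPLE_COMPLETED = SAMPLE_STALLED + (
    "*Mar  1 00:12:01.060: RADIUS(00000005): Send Access-Request to 10.0.0.5:1645 id 1645/13, len 150\n"
    "*Mar  1 00:12:01.078: RADIUS: Received from id 1645/13 10.0.0.5:1645, Access-Accept, len 92\n"
)

PACKET = re.compile(r"RADIUS.*?\b(Access-(?:Request|Challenge|Accept|Reject))\b", re.I)


def summarize(debug_text):
    """Count RADIUS packet types seen in the pasted debug output."""
    counts = Counter()
    for line in debug_text.splitlines():
        match = PACKET.search(line)
        if match:
            counts[match.group(1).title()] += 1
    return counts


def classify(counts):
    """Map packet counts to one outcome for a single authentication attempt."""
    if counts["Access-Accept"]:
        return "completed"
    if counts["Access-Reject"]:
        return "rejected"
    if counts["Access-Request"] and counts["Access-Challenge"]:
        # Requests and challenges but no accept: the symptom described above.
        return "stalled-after-challenge"
    if counts["Access-Request"]:
        return "no-response"
    return "no-radius-traffic"


if __name__ == "__main__":
    for name, text in (("stalled", SAMPLE_STALLED), ("completed", SAMPLE_COMPLETED)):
        counts = summarize(text)
        print(name, dict(counts), "->", classify(counts))
```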

Hi,

I am getting a similar problem with a new WLSE Express with software ver 2.11. I have connected it up to an AP1200 set up as a WDS and the AP shows the NM as being not authenticated. But the WDS is showing up as an active session in the WLSE Express's AAA. I have checked the credentials match and have put a static arp entry in the AP for the WLSE Express. The AP1200 IOS was 12.3(4) and I downgraded to 12.2(15)XR2 (usually sound s/w) with same problem. Running debug on the AP for Radius shows unsupported AAA. I am not using a dns but should that make a difference?

Anyone have any tips or experienced similar problems?

Thanks for any help.

Can you enable "debug radius" on the WDS primary and allow the WDS to attempt to authenticate the WLSE? After the attempt, can you attach the debug output here?

I hope this helps.

Thanks

This definitely looks like the same problem with the radius server I have seen before. There is no response to the access challenge. What do you see in the radius logs if you check them at the same time as the "debug radius" is running?

I have a similar problem. Same version of ACS and running 12.3(7)-JA1 on APs. My WLSE authenticates intermittently. Sometimes it will show authenticated and sometimes Not authenticated. I am running PEAP with WPA on my clients and once I enable WDS, clients can authenticate but no traffic is passing through. Actually I have two SSIDs configured on different VLANs. One SSID does not require authentication and the other requires PEAP. It works fine without WDS. Both SSIDs cannot send traffic once I enable WDS. The clients show Registered on the WDS but no traffic is passed from both SSIDs. Any ideas? Is WDS compatible with WPA?

I am unable to check the logs at the moment but it would help if you could verify the config procedure. The WDS AP has the MN IP address and a shared secret configured under WDS general setup. On the WLSE Express the matching configs. are placed in Device - Discover - WLCCP Credentials. Also on the WDS AP under security settings - servers I have entered the WLSE IP address and a shared key as the Radius server; is this info. entered on the WLSE AAA Admin Client as the WDS? Finally, I'm not sure of the config for the WLSE as a client on the AAA server, i.e., Name and secret key.

I have a feeling this might be contributing to the problem.

I just ran into the ACS version 3.3.3 and WDS/WLSE bug related problem. As a workaround I enabled Radius on the WDS root AP, created a username/password for the infrastructure APs and WLSE, set the infrastructure group under the WDS settings to authenticate against the Radius AP, and everything came right up.

shh5455
Level 3

Make sure that you have SNMP set up correctly on the WLSM. I had this same problem too. If you have your APs in WLSE then use that same SNMP info in the WLSM. That fixed my problem. (Not sure why though).

Also, do a "no wlccp wnm ip address" and then add it back in to reset the WLSM/WLSE link.
