07-06-2007 08:13 AM - edited 07-03-2021 02:18 PM
Hi,
i try to setup wpa with peap user auth with a 1130 AP and cisco secure acs 4.2 server.
auth keeps failing and I even don't see failes attempts in my acs server. The AP is in the AAA section of the ACS and the have the same shared secret.
The ACS server is working corectly because I use it the authenticate users to log in the the routers
I enabled all possible authentication methods but no luck.
I use the windows xp suplicant and even tried with funk software.
in the dot11 authenticator debug i can't see any radius lines see attached file
can anybody help me out ?
07-07-2007 12:04 PM
Hi
Does your AP have connectivity to the Radius server ?
Are you seeing absolutley nothing in your ACS failed attempts log ?
Could you post config of your AP ?
Jon
07-08-2007 09:08 PM
Is this Aironet or LWAPP?
In aironet, there is a way to test authentication via the access points..."test aaa radius
Also, make sure the DB (LDAP/AD,etc..) is configured and mapped correctly in ACS but you should see something like "NAS errors" or DB errors in ACS if the access points were somewhat communicating with ACS..
Post the configs if you can...
07-09-2007 11:12 PM
Hi,
This was aironet lwap
I've found the solution. The ACS server was dual homed on 2 networks, and the return radius pakket had a diffrent ip address as the request, so the AP didn't acceppted this packet.
Now i can auth to users in the acs database, but not to users in the ldap database. authentication type not supported by external db error
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide