Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Attention: The Community will be in read-only mode on 12/14/2017 from 12:00 am pacific to 11:30 am.

During this time you will only be able to see content. Other interactions such as posting, replying to questions, or marking content as helpful will be disabled for few hours.

We apologize for the inconvenience while we perform important updates to the Community.

New Member

WPA2 Enterprise Windows keeps prompting for credentials

I've setup my 1130ag like the cisco walkthrough for wpa2 support. When I try to connect with my Thinkpad R60 with XP SP2 (with wpa2 hotfix) or my Acer with Vista, it just keeps popping up the credentials prompt. If I switch to WPA2-PSK, they both work fine.

All the event log shows is the machine failed authent. Anybody have any thoughts?

10 REPLIES
Hall of Fame Super Silver

Re: WPA2 Enterprise Windows keeps prompting for credentials

What type of encryption are you trying to do? 802.1x or Pre-shared?

-Scott
*** Please rate helpful posts ***
New Member

Re: WPA2 Enterprise Windows keeps prompting for credentials

leap via the built in radius server.

New Member

Re: WPA2 Enterprise Windows keeps prompting for credentials

Sounds like your RADIUS server isn't matching on the right attributes. Look in your RADIUS server detail log to understand why it is denying the login.

Hall of Fame Super Silver

Re: WPA2 Enterprise Windows keeps prompting for credentials

Not knowing how you set this up, have you looked at this doc: http://www.cisco.com/en/US/products/hw/wireless/ps4570/products_configuration_example09186a00801c0912.shtml

-Scott
*** Please rate helpful posts ***
New Member

Re: WPA2 Enterprise Windows keeps prompting for credentials

Using the internal RADIUS server, it works fine with the Intel ProSet software. When I use the XP utility, it just keeps prompting and the "Unknown Usernames" and "Invalid Packet from NAS" counters go up. I've tried with a vista laptop and get the same thing. The username success/fail counters don't incriment except for the success's with the Intel utility.

I've set fast reconnect, unchecked verify server and user computer/user info to login. It looks like Microsoft doesn't play nice with WPA2 Enterprise.

New Member

Re: WPA2 Enterprise Windows keeps prompting for credentials

been a while since I used an autonomous AP for local EAP authentication...but I don't remember it accepting PEAP auths...M$ WZC won't do LEAP or EAP-FAST, right? Think you may have an EAP-type mismatch...

Hall of Fame Super Silver

Re: WPA2 Enterprise Windows keeps prompting for credentials

That is correct.... MS WZC doesn't support LEAP of EAP-FAST not PEAP-GTC. When you say you can use the Intel PROset, what is your configuration there.

-Scott
*** Please rate helpful posts ***
New Member

Re: WPA2 Enterprise Windows keeps prompting for credentials

The Intel client is set to Enterprise Security, network auth is wpa2-ent, data encryption is aes-ccmp, authent type is leap, and my username/password.

Is there any way to get windows xp/vista to natively work with wpa2 ent on a cisco ap? Or is a suplicant like Intel's required?

Hall of Fame Super Silver

Re: WPA2 Enterprise Windows keeps prompting for credentials

A suplicant is required. The only way you can have Windows XP/Vista to work with WPA2-Enterprise is to configure PEAP or use EAP-TLS. Instead of setting the auth to LEAP, you would set it to PEAP or EAP-TLS. A radius server is required and a server side cert for PEAP. If using EAP-TLS, a server and client side cert is required.

-Scott
*** Please rate helpful posts ***
New Member

Re: WPA2 Enterprise Windows keeps prompting for credentials

What a PITA! I was hoping Microsoft would get their "better security" right for a change :) Guess I'll setup that radius server I was hoping to avoid. Thanks for all the help guys!

2503
Views
0
Helpful
10
Replies
CreatePlease to create content