Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Wifi WPA2 Enterprise with RADIUS - Connection Problem

Hello,

I have here a brand new ISA 570w with the latest firmware (1.2.17).

Anyway, I can't get the wifi to work in WPA2 Enterprise mode with RADIUS authentication.

WPA2 PSK mode is no problem.

I configured the RADIUS properly and I can connect directly to it via NTRadPing without any problem. Also the test in the web interface works without any issues (see screenshot 2,3).

The RADIUS server is a Synology RADIUS Server on a Synology NAS, which is a FreeRADIUS server under the hood.

In the wireless settings of the ISA I set this RADIUS server for authentication (see screenshot 1,4).

However, I can't connect connect to the network:

On the iPhone (iOS 6.1.3) I get a prompt for a username and password, but when I click connect it says 'Connect to "cisco3"...' and stays there.

In the log of the ISA 570w it says:

Information

Wireless

msg=Add station MAC in ATU list;VID=5;MAC=5C:59:48:02:78:3E;

Information

Wireless

msg=Wireless mode is 802.11 b_g_n mixed

When I cancel the attempt to connect it says:

Information

Wireless

msg=The Client has disassociated;

On my Thinkpad with Windows 7 Professional I configured everything as usual (see screenshots 5,6,7,8) but when I try to connect I don't get a prompt where I'm asked for username and password and finally the connection can't be established (see screenshot 9). Also tried it with the same configuration on another fresh installed Windows 7 Pro notebook with the same issue.

In the logs of the RADIUS I can't see any attempts from the ISA 570w to authenticate anything.

Also the capture of the network traffic on the LAN port to the Synology NAS doesn't show any RADIUS packets.

I already disabled CDP because I read that this may cause problems, but it didn't help.

Can you please suggest anything else I can try?

Thanks in advance!

Kind regards,

Dominik

1 ACCEPTED SOLUTION

Accepted Solutions

Wifi WPA2 Enterprise with RADIUS - Connection Problem

I did see those screenshots however that settings screen comes from selecting the Configure button next to the Authentication Method in the User Authentication section under Users.  In each of your screenshots, the RADIUS Server ID number is 1 so I would also ensure that I've configured RADIUS Server ID 1 which can only be configured by going to Users -> RADIUS Servers.

All that said, I did see that your tests succeeded and I also don't understand the point of having RADIUS settings on the other screens and then having RADIUS ID info.  My thinking is that you would be able to configure RADIUS once in the Users -> RADIUS Servers screen and then select the RADIUS Server ID in all the remaining screens without having to enter the RADIUS info over and over again.  It would also think that you could skip the Users -> RADIUS Server screen and enter the RADIUS information over and over again and it should work...just like you set it up originally.  However, based on past experience of programmatic errors, I would recommend configuring the RADIUS Server ID 1 under Users -> RADIUS Servers if you haven't already...just in case. 

Shawn Eftink
CCNA/CCDA

Please rate all helpful posts and mark correct answers to assist others searching for solutions in the community.

Shawn Eftink CCNA/CCDA Please rate all helpful posts and mark correct answers to assist others searching for solutions in the community.
10 REPLIES
New Member

Re: Wifi WPA2 Enterprise with RADIUS - Connection Problem

rest of the screenshots...

Re: Wifi WPA2 Enterprise with RADIUS - Connection Problem

Have you tried running WPA2-Enterprise only instead of WPA/WPA2 Mixed? I've had mixed results with Mixed mode, no pun intended.

Sent from Cisco Technical Support iPhone App

Shawn Eftink CCNA/CCDA Please rate all helpful posts and mark correct answers to assist others searching for solutions in the community.
New Member

Wifi WPA2 Enterprise with RADIUS - Connection Problem

Hi Shawn,

thanks for the reply.

Yes, I already tried this before and just tried it again with no success.

Also tried to change the default name to cisco-test, but this didn't the trick.

I can see that the ISA 570w receives some packages from my computer, but doesn't send any:

Name

cisco-test

Rx Packets

0

Tx Packets

30

Any more ideas?

Wifi WPA2 Enterprise with RADIUS - Connection Problem

In the Users -> User Authentication, did you change the Authentication Method to RADIUS or RADIUS + Local Database?

Shawn Eftink
CCNA/CCDA

Please rate all helpful posts and mark correct answers to assist others searching for solutions in the community.

Shawn Eftink CCNA/CCDA Please rate all helpful posts and mark correct answers to assist others searching for solutions in the community.
New Member

Wifi WPA2 Enterprise with RADIUS - Connection Problem

To RADIUS + Local Database

New Member

Wifi WPA2 Enterprise with RADIUS - Connection Problem

Just changed it to RADIUS only without success.

I will do a factory reset now and configure it again. Let's see if this helps...

Wifi WPA2 Enterprise with RADIUS - Connection Problem

And you configured RADIUS 1 under Users -> RADIUS Servers with the appropriate settings?

Shawn Eftink
CCNA/CCDA

Please rate all helpful posts and mark correct answers to assist others searching for solutions in the community.

Shawn Eftink CCNA/CCDA Please rate all helpful posts and mark correct answers to assist others searching for solutions in the community.
New Member

Wifi WPA2 Enterprise with RADIUS - Connection Problem

Yep, as you can see in screenshots 2 and 3 the test works fine.

Wifi WPA2 Enterprise with RADIUS - Connection Problem

I did see those screenshots however that settings screen comes from selecting the Configure button next to the Authentication Method in the User Authentication section under Users.  In each of your screenshots, the RADIUS Server ID number is 1 so I would also ensure that I've configured RADIUS Server ID 1 which can only be configured by going to Users -> RADIUS Servers.

All that said, I did see that your tests succeeded and I also don't understand the point of having RADIUS settings on the other screens and then having RADIUS ID info.  My thinking is that you would be able to configure RADIUS once in the Users -> RADIUS Servers screen and then select the RADIUS Server ID in all the remaining screens without having to enter the RADIUS info over and over again.  It would also think that you could skip the Users -> RADIUS Server screen and enter the RADIUS information over and over again and it should work...just like you set it up originally.  However, based on past experience of programmatic errors, I would recommend configuring the RADIUS Server ID 1 under Users -> RADIUS Servers if you haven't already...just in case. 

Shawn Eftink
CCNA/CCDA

Please rate all helpful posts and mark correct answers to assist others searching for solutions in the community.

Shawn Eftink CCNA/CCDA Please rate all helpful posts and mark correct answers to assist others searching for solutions in the community.
New Member

Wifi WPA2 Enterprise with RADIUS - Connection Problem

This did the trick!

I started entering the RADIUS info in the wireless connection settings and not in the RADIUS server settings in the Users section. Since the settings were also in the RADIUS server settings in the Users section when I looked it up after setting it up in the Wireless section, I didn't bother with that.

After refreshing them in the Users->RADIUS server section and also refreshing them in the Users->User Authentication and Wireless->Basic Settings in the right network everything works fine now, I get a prompt for user and pw and also I'm asked on the iPhone if I want to accept the certificate.

Tank you so much for the help!

9151
Views
0
Helpful
10
Replies