topic Re: PEAP with Open WEP Authentication in Wireless

PEAP with Open WEP Authentication

ramarao — Sat, 03 Jul 2021 23:09:46 GMT

Hi,

The WLC version is 4.0.217 with ACS v 4.0. There are certain clients have intermittent wireless, whereby it connects and disconnects and connects again when using dot1x authentication. But they have no problem connecting to SSID with no dot1x authentication and it is very stable. The DOT1X authentication security parameters is PEAP using MSCHAP, OPEN authentication and WEP encryption, no validate certificate, Win2003 AD. There are about 200 users, it is happening for around 10-15 users. Any suggestions or recommendations.

Thank you

Re: PEAP with Open WEP Authentication

Scott Fella — Sat, 12 Jul 2008 18:26:32 GMT

I fit is happening to only certain users, then I would check the configuration of the clients and check the ACS for credentials and errors.

Re: PEAP with Open WEP Authentication

rseiler — Sat, 12 Jul 2008 22:51:53 GMT

There is no such thing as PEAP using MSCHAP with OPEN and WEP encryption. You must be using 802.1x to use any EAP type, usually WPA1 or WPA2 with 802.1x. Please restate your question.

Re: PEAP with Open WEP Authentication

Scott Fella — Sat, 12 Jul 2008 23:14:20 GMT

he probably means 802.1x with wep. I have seen this in implementation long time ago. Why use wep whem wpa or wpa2 is stronger and widely implemented these days.

Re: PEAP with Open WEP Authentication

ramarao — Sun, 13 Jul 2008 03:05:18 GMT

It is WEP. Anyway, on the client, all the drivers are updated and also patched with Microsoft KB 885453. Could not suspect any major interference in the network as when the client use other SSID without dot1x it works fine.

Any suggestions

Re: PEAP with Open WEP Authentication

rseiler — Sun, 13 Jul 2008 05:59:02 GMT

A few points:

1. Do you have Microsoft KB917021 or XP SP3 installed?

2. Are you sure that WEP with 802.1x with PEAP is even supported on the WLC? I can't find any docs that list that as a supported option.

3. Try WPA1/TKIP and/or WPA2/AES with 802.1x.

Just because the gui lets you configure something, doesn't mean it works or is supported. For example, WPA1/AES and WPA2/TKIP can be configured but don't work as they are unsupported and invalid. I suspect this is what you are running up against. Nobody else is configuring the WLC the way you are.

Re: PEAP with Open WEP Authentication

Scott Fella — Sun, 13 Jul 2008 11:47:56 GMT

Well it seems still like a client side issue. verify that the wep key is in key 1 on the clients. Verify the setting on a client that works. Also do you see any errors on the wlc or acs.... you should

Re: PEAP with Open WEP Authentication

ramarao — Sun, 13 Jul 2008 13:18:07 GMT

The client is on SP2. I will try to re-check on the client end. Many thanks for your help.