https://community.cisco.com/t5/wireless/ad-security-to-login-an-ssid/m-p/2223614#M22382 <HTML><HEAD></HEAD><BODY><P>I don't know what you were referencing when you setup your wireless. Here is a doc that should help.<BR /><BR /><A href="http://www.cisco.com/en/US/products/ps6366/products_configuration_example09186a008093f1b9.shtml" target="_blank">http://www.cisco.com/en/US/products/ps6366/products_configuration_example09186a008093f1b9.shtml</A><BR /><BR />Sent from Cisco Technical Support iPhone App</P></BODY></HTML> Sun, 05 May 2013 02:02:26 GMT Scott Fella 2013-05-05T02:02:26Z https://community.cisco.com/t5/wireless/ad-security-to-login-an-ssid/m-p/2223613#M22381 <P>"Cisco 2500 Series Wireless LAN Controller" -</P><P>Product Version.................................. 7.0.220.0</P><P></P><P>Hi!, im trying to configure a layer 2 security using 802.1x and an LDAP server to authenticate the users but im not getting access with the user credentials and sometimes when i connect to the SSID my user and password is not requested and just shows an failure connection error.</P><P>what Im configured is:</P><P>1- registered the LDAP server</P><P>2- local EAP profile (with the EAP-FAST option)</P><P>3- WLAN with layer 2 security and 802.1x</P><P>4-no layer 3 security (because I dont have to use Web authentication or something like that)</P><P>5- And in the wlan AAA options i put the LDAP server (registered before) and checked the local EAP authentication (and the profile created before)</P><P>6-the other stuff like the dhcp pool, interfaces, etc.</P><P></P><P>I test the the connection with the LDAP using the Web authentication and I get access to the network but what I need is get access to the network requesting the LDAP credentials just one time (without sessions that expire).</P><P></P><P>Did I miss something?, do i need a radius server?, is necessary configure something else? or there is other way to do this?</P><P></P><P></P><P>thanks for your comments.</P> Sun, 04 Jul 2021 07:01:37 GMT https://community.cisco.com/t5/wireless/ad-security-to-login-an-ssid/m-p/2223613#M22381 Salvador Antonio Quintanilla Mendoza 2021-07-04T07:01:37Z https://community.cisco.com/t5/wireless/ad-security-to-login-an-ssid/m-p/2223614#M22382 <HTML><HEAD></HEAD><BODY><P>I don't know what you were referencing when you setup your wireless. Here is a doc that should help.<BR /><BR /><A href="http://www.cisco.com/en/US/products/ps6366/products_configuration_example09186a008093f1b9.shtml" target="_blank">http://www.cisco.com/en/US/products/ps6366/products_configuration_example09186a008093f1b9.shtml</A><BR /><BR />Sent from Cisco Technical Support iPhone App</P></BODY></HTML> Sun, 05 May 2013 02:02:26 GMT https://community.cisco.com/t5/wireless/ad-security-to-login-an-ssid/m-p/2223614#M22382 Scott Fella 2013-05-05T02:02:26Z https://community.cisco.com/t5/wireless/ad-security-to-login-an-ssid/m-p/2223615#M22383 <HTML><HEAD></HEAD><BODY><P>I followed part of that document, but i didn't do the part of the certificate. it is really necessary?</P></BODY></HTML> Sun, 05 May 2013 22:11:07 GMT https://community.cisco.com/t5/wireless/ad-security-to-login-an-ssid/m-p/2223615#M22383 Salvador Antonio Quintanilla Mendoza 2013-05-05T22:11:07Z https://community.cisco.com/t5/wireless/ad-security-to-login-an-ssid/m-p/2223616#M22384 <HTML><HEAD></HEAD><BODY><P>Well 802.1x (EAP) does use certificates. So I would say it is mandatory.<BR /><BR />Sent from Cisco Technical Support iPhone App</P></BODY></HTML> Sun, 05 May 2013 22:47:27 GMT https://community.cisco.com/t5/wireless/ad-security-to-login-an-ssid/m-p/2223616#M22384 Scott Fella 2013-05-05T22:47:27Z