The configuration that has been keyed in from the CLI has been removed, and using the WEB interface, the Admin Security has been applied. The AP is now configured to use an External RADIUS Server with the IP Address, PORTS and Shared Secrets defined.

Access via Telnet, authenticating against the RADIUS Server works, but access via the WEB interface doesn't, the password is thrown out by the RADIUS Server ? Any Suggestions ?

David

I have a similar problem. I have 2 WDS aP's set up for WDS duties only. They do Radius AAA with no problems. A whole fleet of 1200's with AAA and radius set up as WDS clients do NOT work. The wirelss gets authenticated fine, however the Administrator radius stuff for telnet and HTTP is getting chucked by the radius server with a bad password. even though the same username and password on the WDS AP's is getting authenticated. I did a full logging on the radius server and packet capture and noticed that the encrypted password being passed by the new AP's is different form the ones comming from the AP's that work. this depsite the fact that the entire IOS config was copied verbatim from the WDS AP's to the other ones. The only difference is the new ones that don't work are changed to be WDS clients. The other weird thing is the WDS client AP's are authenticating the WDS User acocunt through radius and AAA just fine! I have a TAC case open and so far they are stumped. I'm really starting to think the AAA IOS code in the 1200 is buggy.

I looked further into this and have found the underlying issue affecting us. We use RSA Security with the built in RADIUS Server. Appears that the RSA Server accepts only Clear Text Passcode strings, but the HTTP Management passes the authentication back in MD5 Hash. Therefore the RSA RADIUS Server rejects the passcode due to not being able to accept the MD5 Hash Algorithm passcode sent back.