Showing results for 
Search instead for 
Did you mean: 

This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.


WLC can't communicate with ACS.


I have a new for use ACS 1120 with software. The purpose of the ACS is to authenticate Wireless users based on an ACS defined external identity source, LDAP. The following configs are made:

- LDAP is configured as an external identity source on ACS.

- WLC is configured on ACS as AAA client.

- WLC is configured to use ACS RADIUS server ( and WLANs are configured for [WPA2][Auth(802.1X)] AAA authentication.

But for some reason AAA requests from WLC can not reach the ACS. Both devices are connected to the same 6506 switch, there is no firewall inbetween. There is no fail/success RADIUS log on ACS.  This is the log from the WLC. PLEASE HELP!!!

4Sat Jun 23 05:41:032012    RADIUS server deactivated in global list
5Sat Jun 23 05:41:03 2012    RADIUS server failed to respond to request (ID 70) for client 00:22:fa:1d:3a:ae / user 'unknown'
6Sat Jun 23 05:40:40 2012     RADIUS server deactivated in global list
7Sat Jun 23 05:40:40 2012     RADIUS server failed to respond to request (ID 69) for client 00:16:ea:c9:2d:dc / user 'unknown'
8Sat Jun 23 05:40:40 2012     RADIUS server deactivated in global list
9Sat Jun 23 05:40:40 2012     RADIUS server failed to respond to request (ID 68) for client 00:16:ea:c9:2d:dc / user 'unknown'

hello. what EAP type are you using on the wireless clients? see the following link for ldap/EAP compatability in ACS 5:



Jatin Katyal
Cisco Employee

This is a known issue with ACS 5.0

You won't even see any request/packet on ACS for wireless/eap traffic.

Please upgrade it to 5.1 pr above. This issue will be resolved.



Do rate helpful posts-


Dear Jatin,

Do you mean I can not see any EAP logs or it does not support EAP? If I can not see any logs how am I supposed to work on it?

Another thing, is there any way I can upgrade it to v5.1 with out having a cisco contract number? I couldnt download the upgrade files.

Yes, you won't see any hits on ACS for PEAP authentication failure. Also, you should have a valid contract with Cisco before you download the latest images.

If you would like to test, you may download the evaluation vesrion of ACS 5.3 along with the trial license file.



Do rate helpful posts-


I couldnt even download the evaluation version unless I have a valid contract number, it is much easier to download an evaluation licese. How do I download the evaluation version of ACS5.3 ?

The best thing to do at this point is to reach out to your Sales team or contact the vendor you purchased your ACS 1121 from, so they can get the software to you. The intent of the forums is to help solve configuration issues. If the issue you are running into warrants a software upgrade then you have to seek other channels in order to get your problem solved.

I dont mean to offend but I recently was an employee of Cisco working in TAC and have been a member of the support community and I am trying to help point your efforts in the right direction.


Tarik Admani

Content for Community-Ad