Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
712
Views
2
Helpful
9
Replies

Using cisco air-ap1815i-i-k9 with Microsoft RADIS server

sara-borghol
Level 1
Level 1

‎12-29-2024 03:47 AM

Hello, 

We are using access point cisco air-ap1815i-i-k9 that are connected to our network and controlled by controller of same model, we configure a RADIUS parameter in WLAN (SSID) settings, we tested the cisco controller with the RADIUS server and the authentication succeeded. But when we try to connect to access point unit using RADIUS authentication, it gives time out,

We notice that the authentication attempts from the access point doesn't reach the RADIUS server as the event viewer and log files on the RADIUS server don't show anything about these attempts. 

Our RADIUS server is Microsoft.

Any help?

 

Labels:
9 Replies 9

MHM Cisco World
VIP
VIP

‎12-29-2024 03:50 AM

Can i see how you config aaa server  and aaa group and l2 secuirty 

MHM

0 Helpful

sara-borghol
Level 1
Level 1
In response to MHM Cisco World

‎12-29-2024 10:40 AM - edited ‎12-29-2024 11:24 AM

We install and configure Active directory, Certification Authority and NPS server, we create a wireless group and add it to the policy at the NPS

We configure the Cisco controller IP and the Cisco access point IP as RADIUS clients in the NPS
the policy as shown:
NPS1.png

The RADIUS server, the controller, and the access point, each is on a different Vlan, but there is a routing between them and they ping each other.

We still not configure aaa group 
Should I configure  802.1X feature (dot1.x) on the switch port ?

0 Helpful

sara-borghol
Level 1
Level 1
In response to Flavio Miranda

‎12-29-2024 11:09 AM - edited ‎12-29-2024 11:10 AM

Unfortunately, Our Cisco access point  AireOS release is 8.5.140, less than 8.6 ,

Flavio Miranda
VIP
VIP
In response to sara-borghol

‎12-29-2024 11:59 AM - edited ‎12-29-2024 12:00 PM

 If you use a packet capture or wireshark and sniff the switch port where the access point is connected, does it send any radius packet at all?

0 Helpful

sara-borghol
Level 1
Level 1
In response to Flavio Miranda

‎12-30-2024 01:46 AM - edited ‎12-30-2024 01:47 AM

It shows some RADIUS packets with similar content as it tries connecting 5 times each time. (10.16.31.243 is the controller IP)

Radius0.png

This is one of them

Radius1.pngRadius2.pngRadius3.png

0 Helpful

Flavio Miranda
VIP
VIP
In response to sara-borghol

‎12-30-2024 02:43 AM

If the Radius request is leaving the AP but dont make it on the NPS, you might have something in between dropping the packet.

 I see Fortnet on the capture. Is it a  firewall?

0 Helpful

sara-borghol
Level 1
Level 1
In response to Flavio Miranda

‎12-30-2024 02:55 AM

Yes, it is a firewall, but the AP unit, AP Controller and RADIUS server are all on the same zone, no policies on firewall between them. 

0 Helpful

Flavio Miranda
VIP
VIP
In response to sara-borghol

‎12-30-2024 04:45 AM

You probably need to sniff the next interface the traffic would pass for. Maybe the interface where the nps is connected

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card