Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
802
Views
0
Helpful
5
Replies

Aironet 1100 and Window Radius

sbantz
Level 1
Level 1

‎12-09-2004 06:16 AM - edited ‎07-04-2021 10:14 AM

I have seven Aironet 1100's in a large building. I want to control access by device MAC address for 35 devices for security purposes. I don't want to have to enter all 35 mac addresses on each of the devices. In reading the documentation, it appears that you can use RADIUS to control access this way. However, it is not clear what I would have to do to configure this. Can I use the Windows 2000 server RADIUS service to handle this for me? I would be most grateful for any instructions on how to use Windows 2000 RADIUS services with the Aironet 1100 devices.

Thanks in advance.

p.s. If there is a better way to do this, please let me know.

Labels:
0 Helpful
5 Replies 5

dixho
Level 6
Level 6

‎12-09-2004 11:35 AM

I have never tried to use an IAS (Windows 2000 server Radius service) for this. It should be the same though. Create the username and password as the MAC address of the wireless client (in the format of xxxxxxxxxxxx). You configure a radius server in "Server Manager" under "SECURITY". Then, configure Priority for MAC Authentication. Finally, click on "Advanced Security" under "SECURITY" and select the appropriate option for MAC authentication.

0 Helpful

sbantz
Level 1
Level 1
In response to dixho

‎12-14-2004 08:02 AM

Thanks for the tips. I did get Windows Radius set up correctly and it is talking to the Aironet 1100. The only problem I am running into now is that Windows is not accepting the password that is being sent to RADIUS for the requesting client. I created accounts with a username matching the mac address of the wireless device in a format of xxxxxxxxxxxx and a password exactly the same. When I watch the radius request come in, the username is being accepted as \DOMAINNAME\xxxxxxxxxxxx, which I expected. However, the request is being rejected by RADIUS because of a bad password. I have tried a blank password, one with dashes as delimiters, and one with periods as delimiters. Nothing seems to work. Is the password sent from the Aironet supposed to be the MAC address?

0 Helpful

dixho
Level 6
Level 6
In response to sbantz

‎12-14-2004 10:48 AM

Do you have an extra AP handy? If you do, please configure the extra AP as radius server.

http://www.cisco.com/en/US/partner/products/hw/wireless/ps4570/products_configuration_example09186a00801c0912.shtml

You can see that we do send both username and password as xxxxxxxxxxx.

0 Helpful

sbantz
Level 1
Level 1
In response to dixho

‎12-14-2004 02:50 PM

Yes, I do have an extra AP. Is there another location where I can view that document you hyperlinked? I don't seem to have access to that portion of the website.

Thanks for your advice.

0 Helpful

dixho
Level 6
Level 6
In response to sbantz

‎12-14-2004 05:34 PM

attach the document in pdf format.

Preview file
480 KB
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card