Buy or Renew
Buy or Renew
Cisco Virtual Engineer generative AI bot now active in Wireless Discussion Forum. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
4802
Views
0
Helpful
16
Replies

AP problem Cisco aironet 1040

htennapel
Beginner
Beginner

‎05-22-2012 03:24 AM - edited ‎07-03-2021 10:11 PM

I have a Cisco aironet 1040.

On my Accespoint i have 2 vlans: 1 for my wifi phones and 1 for my network.

Wifi Lan has the SSID LAN with WPA enterprise authentication to a radius server(ms server 2008).

Wifi Phone has SSID PHONE and vlan 50 with local radius authentication.

This Works all fine, Except when i enable AP for my wifi phones.

When AP is enabled the authentication for my lan doesn’t go to my server but local.

How do I configure my accesspoints so that the cisco phones use the local radius server with AP and my windows computers connect using the ms radius server?

Hope some one can help

Attached is my current config.

1 person had this problem
Labels:
128449-config.txt.zip
0 Helpful
16 Replies 16

Stephen Rodriguez
Cisco Employee
Cisco Employee

‎05-22-2012 12:09 PM

aaa group server radius rad_eap

server auth-port 1645 acct-port 1646

!

aaa group server radius WDS-AUTH

server auth-port 1812 acct-port 1813

!

aaa group server radius VOICE-AUTH

server auth-port 1812 acct-port 1813

!

aaa authentication login eap_methods group rad_eap

Both of the SSID are calling to eap_methods.  What you need to do is configure another aaa authentication line:

** aaa authentication login phone_method group VOICE-AUTH**

then call that as your network-eap:

dot11 ssid VOICE

   vlan 50

   authentication network-eap **phone_method**

   authentication key-management cckm

Change/add the lines between the **.

HTH,
Steve

-----------------------------------------
Please remember to rate useful posts, and mark questions as answered