Hi
I am trying to configure a 1242 or 3502 WGB with PEAP. There is not ACS server involved as Windows RADIUS is used. I can get the WGB to work with OPEN Authentication but when I attempt to add in the authentication/security piece I get "no association." Below is my current config. The WLAN is set to use WPA/WPA2 802.1x + CCKM.
Current configuration : 1812 bytes
!
! Last configuration change at 00:56:39 CST Tue Mar 2 1993
version 15.2
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname WGB
!
!
logging rate-limit console 9
enable secret 5 $1$WjQp$f5/hquzjE8im/j41yOONh0
!
no aaa new-model
clock timezone CST 23 59
ip cef
!
!
!
dot11 syslog
!
dot11 ssid wgbtest
authentication open eap eap_methods
authentication network-eap eap_methods
authentication key-management wpa cckm
dot1x credentials [my-userid]
dot1x eap profile [my-userid]
infrastructure-ssid
!
!
eap profile [my-userid]
method mschapv2
method peap
!
crypto pki token default removal timeout 0
!
!
dot1x credentials [my-userid]
username [my-userid]
password 7 113E100B0317195E547B79
!
username Cisco password 7 13261E010803
!
!
bridge irb
!
!
!
interface Dot11Radio0
no ip address
no ip route-cache
!
encryption mode ciphers tkip
!
ssid wgbtest
!
antenna gain 0
station-role workgroup-bridge
bridge-group 1
bridge-group 1 spanning-disabled
!
interface Dot11Radio1
no ip address
no ip route-cache
shutdown
antenna gain 0
dfs band 3 block
channel dfs
station-role root
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 spanning-disabled
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
!
interface GigabitEthernet0
no ip address
no ip route-cache
duplex auto
speed auto
no keepalive
bridge-group 1
bridge-group 1 spanning-disabled
!
interface BVI1
ip dhcp client client-id GigabitEthernet0
!
ip forward-protocol nd
ip http server
no ip http secure-server
ip http help-path
http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag
!
bridge 1 route ip
!
!
!
line con 0
line vty 0 4
login local
transport input all
!
end Current configuration : 1812 bytes
!
! Last configuration change at 00:56:39 CST Tue Mar 2 1993
version 15.2
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname WGB
!
!
logging rate-limit console 9
enable secret 5 $1$WjQp$f5/hquzjE8im/j41yOONh0
!
no aaa new-model
clock timezone CST 23 59
ip cef
!
!
!
dot11 syslog
!
dot11 ssid wgbtest
authentication open eap eap_methods
authentication network-eap eap_methods
authentication key-management wpa cckm
dot1x credentials [my-userid]
dot1x eap profile [my-userid]
infrastructure-ssid
!
!
eap profile [my-userid]
method mschapv2
method peap
!
crypto pki token default removal timeout 0
!
!
dot1x credentials [my-userid]
username [my-userid]
password 7 113E100B0317195E547B79
!
username Cisco password 7 13261E010803
!
!
bridge irb
!
!
!
interface Dot11Radio0
no ip address
no ip route-cache
!
encryption mode ciphers tkip
!
ssid wgbtest
!
antenna gain 0
station-role workgroup-bridge
bridge-group 1
bridge-group 1 spanning-disabled
!
interface Dot11Radio1
no ip address
no ip route-cache
shutdown
antenna gain 0
dfs band 3 block
channel dfs
station-role root
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 spanning-disabled
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
!
interface GigabitEthernet0
no ip address
no ip route-cache
duplex auto
speed auto
no keepalive
bridge-group 1
bridge-group 1 spanning-disabled
!
interface BVI1
ip dhcp client client-id GigabitEthernet0
!
ip forward-protocol nd
ip http server
no ip http secure-server
ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag
!
bridge 1 route ip
!
!
!
line con 0
line vty 0 4
login local
transport input all
!
end
