cisco aironet 1130g and windows 2003 with cisco ACS

Dilruwan Rathnayake · ‎01-03-2011

hi

i have configured windows 2003 server with DNS ,Active directory users and dhcp server. and configured my cisco 1130g AP .

i have installed cisco access control server 4.0 because i use LEAP authentication protocol and for the ACS for network configuration i give aaa client ip addresss as AP interface ip and same shared secret for the AP and ACS,.

so when i log to wifi it ask username and password

problem is lap top cannot have a ip address my dhcp server not issue any ip address .

my hiper terminal massage is like this when i connect to wifi

help ...thank you...

Nicolas Darchis · ‎01-03-2011

Did you try an SSID in open mode to make sure that connectivity and dhcp pool was correctly configured before trying to integrate with acs ?

It seems that here your authentication is failing, what is ACS giving as authentication failure reason ?

Nicolas

Dilruwan Rathnayake · ‎01-04-2011

thanks for the reply

yes in the open mode SSID without any configuration i can connect to the internet and dhcp server issue ip address for the laptop.

how will i get ACS authentication failure reasons..

thank you..

Nicolas Darchis · ‎01-04-2011

Reports and Activity=> Failed attempts-> Active

Regards,

Nicolas

Dilruwan Rathnayake · ‎01-04-2011

yes there is a massage "EAP type not configuerd "

thank you...

Dilruwan Rathnayake · ‎01-04-2011

hi

but i enable LEAP authentication in ACS and Access point ,,then why it is asking eap type..???????

thank you....

Nicolas Darchis · ‎01-04-2011

There must be a reason ...

Can you post the access point configuration ? As well as the ACS screenshot where you are allowing leap ?

Thanks,

Nicolas

Dilruwan Rathnayake · ‎01-05-2011

yes sure

this is for ACS

for ACS aaa client- ip address of the access point

Dilruwan Rathnayake · ‎01-05-2011

and this is for access point

for coperate servers 192.168.90.15 - ip address of the server machine where acs installed.

network access server 192.168.90.19 - ip address of the access point.

authentication protocol - LEAP

please help me ...im fed up with this over two months...

Nicolas Darchis · ‎01-05-2011

A "show run" is faster to collect on the AP command line and tells more than screenshots.

But it seems like you both configured the AP to use the ACS as radius server and the AP to also act as a local radius server (which should be removed if it's acs you want to use).

Regards,

Nicolas

Dilruwan Rathnayake · ‎01-05-2011

thnks for the reply

if i configure 2008 server in PEAP authenticatoion can aironet 1130g communicate with it..

thank you..

Nicolas Darchis · ‎01-05-2011

The AP doesn't care about the eap method you are doing. It is between the client and the ACS that peap happens. So yes you can go ahead.

That maybe makes me think that your client was not configured for leap but you thought you had leap since you activated that on the AP ?

Nicolas

Dilruwan Rathnayake · ‎01-06-2011

thnks fo reply

and there is a another issue that when i connect to wifi it ask user name and password ,,but after i provide it wifi try to access and there is failure..

is there any issue with active directory?????

Nicolas Darchis · ‎01-06-2011

No. the question is how did you configure your client ...

Dilruwan Rathnayake · ‎01-06-2011

what do you mean by that ???