02-09-2014 08:30 PM - edited 07-05-2021 12:08 AM
Hi, need help with my current situation. We had a Cisco WLAN controller 2100, and we've connected this device to one of our global partner's RADIUS servers in another country/territory. We're able to connect to the RADIUS server for auth and users can go online, but one thing pops up before they get connected, please see screenshot below:
Once this wireless user has been connected right after clicking on the "connect" button, this message won't appear anymore the next time he/she connects to the wifi the next day. This message will reappear if you remove the wireless profile under "Manage Wireless Network"
Regards,
Jeff
02-09-2014 08:44 PM
This is because you are validating the server certificate in the wireless profile. If you uncheck this, then you will not be presented with that error. If you have an internal CA, then you should be trusting that cert and the domain computers should trust that certificate.
Sent from Cisco Technical Support iPhone App
02-09-2014 08:49 PM
This link talks about validation of server certificate.
https://supportforums.cisco.com/docs/DOC-17512#Wireless_Authentication_properties
Here is a screen shot of where you can validate server cert.
Sent from Cisco Technical Support iPhone App
02-09-2014 10:25 PM
OK, I understand the situation now. I could set this via GPO for them (wireless users) to use this SSID with the settings set by the GPO. The problem is, we're just using Windows Server 2003 SP2, in which I don't see the option for WPA2-Ent. It just has the options for WEP, WPA, and WPA-PSK under the IEEE 802.1x tab. I checked Windows Server 2008 R2 SP1 and it does have options for WPA2-Ent.
Thanks
Jeff
02-10-2014 12:22 AM
It did work after disabling the "Validate Server Certificate" checkbox. The next action is to look for a hotfix/update for our old Windows Server 2003 SP2 OS for the WLAN security options.
Thanks for all replies and have a great day ahead!
Jeff
02-10-2014 03:10 AM
Yeah, Server 2003 doesn't have that option. You might be able to push out an XML wireless profile that has it, though. I have done this in the past: you create a Windows profile, one for Windows XP and another for Windows 7, and you export them. Then you can run a script when users log in to execute an import. This also works well if you're using WEP or preshared keys, since GPO will not push out the keys :)
http://www.informit.com/articles/article.aspx?p=1597099
Sent from Cisco Technical Support iPhone App
02-10-2014 09:33 PM
I see, will try this workaround and see how it works. BTW, an off-topic question: is there a way to limit the range of specific access points or limit the number of users?
For the range, e.g. 5 meters only and 5 users? Something like that, is this possible?
regards,
02-10-2014 10:09 PM
1) Maximum clients allowed per controller (per WLAN) can be controlled.
The maximum number of clients per WLAN feature is supported only for access points that are in connected mode.
Also, this feature is not supported when you use FlexConnect local authentication.
2) At the AP level, load balancing is an option. Client Window Size per AP is configurable.
But please note that most clients don't honor the rejection.
So we have a mechanism to only reject a client X number of times (Max Denial Count); then we can eventually let them associate.
3) The range of the AP cannot be controlled in terms of distance. However, you can drive this via transmit power.
Tx power level 1 corresponds to 17 dBm, and it goes down to 8, which corresponds to -4 dBm.
You may need a site survey mechanism to choose the power level (on a per-AP basis) based on your requirement.
Please make sure that you have enough coverage overlap for the clients to seamlessly roam.
Refer : http://www.cisco.com/en/US/tech/tk722/tk809/technologies_tech_note09186a00800e90fe.shtml
02-10-2014 10:24 PM
Appreciate that quick response. I'll try to explore this and will let you know of any results.
Thanks and enjoy the rest of the day!
Jeff
02-10-2014 10:49 PM
I tried to check the controller and under Security > ACL, I don't see any options for "FlexConnect". Does this mean the controller is set to "Connected" mode?
02-10-2014 10:59 PM
If the AP is in FlexConnect mode, then the AP is said to be in connected mode when its CAPWAP control plane link to the WLC is up and operational. This means that the WAN link between the LAP and WLC is not down.
*****Help out others by using the rating system and marking answered questions as "Answered"*****
02-11-2014 05:01 AM
It's probably because of the code you have on the 2100. The newer model WLCs and code allow for this to be changed on a per-WLAN or per-radio basis.
Sent from Cisco Technical Support iPhone App