Help with configuring EAP-TLS on W2k IAS/CertSrv with AP1100? Please help!

jasonhumes · ‎09-13-2004

Hi

So I've got a W2k server running IAS/DHCP/Certificate Services. My wireless client is WindowsXp. I've got everything setup exactly as listed here;

http://www.cs.umd.edu/~mvanopst/8021x/howto/

My IAS/CertificateSrv/DHCP server has got a computer certificate, my wireless notebook has got a computer certificate and my user has got a user certificate. When I pop in my wireless card, a pop up balloon says authentication sucsessfull, yet I cant get a DHCP address or communicate even when the ip is statically assigned. ANy ideas. Thanks. Does anyone have a better document on how to configure this setup. Thanks again.

paddyxdoyle · ‎09-14-2004

Hi,

If you can't get any IP communication it does sound like you are not authenticating correctly.

Is your AP running IOS, if so telnet on to it and look for assocatiations "show dot1 association".

This will show you which clients have associated with your AP and which state they are in.

Also do a debug aaa authentication on the AP and reauthenticate from your client, look for successful authentication messages

Check the logs on the IAS server for any authentication messages.

Its more then likely an issue with your certificates, I haven't used IAS before, however ACS normally displays EAP-TLS type errors when there is a cert problem.

One other thing, remember to put a helper address on the AP under your BVI1 interface?

HTH

Paddy