06-22-2005 02:54 PM - edited 07-04-2021 10:55 AM
does anyone have any info other than what is available on cisco's website about configuring an aironet 1200 ap that belongs to a WDS but allows client authentication?
I followed the notes on the website, and managed to configure my ap as a primary WDS. Next I configured another AP in that WDS as an infrastructure AP that serves clients. That AP is registered in the WDS, but when clients try to authenticate, it says that they are unable to pick up an IP address.
Removing the configs for WDS, allows the clients to authenticate properly and picks up a DHCP address.
Is there something else that I need to do on the ACS to allow clients to authenticate as part of a WDS?
I have setup a user account on the ACS and defined client authentication methods on the WDS AP? So I am not sure where the problem could be... any help would be much appreciated, as I am about to give up an toss the silly thing!!!
06-28-2005 01:21 PM
Basically in WDS you will configure two separate server groups. One for client authentication and a second one for
infrastructure authentication. When configuring WDS, we have to build a trust between the
WDS client AP's and the WDS master AP. This is handled by LEAP authentication, so when
you configure the infrastructure server group, this is for all of the AP's that are part
of the WDS domain. If you are using only WEP and client authentication, then it is not
really necessary to configure a client server group.
06-29-2005 12:25 PM
Thanks for the response. I guess I am having trouble understanding what the relationship of the server groups and the ACS is.
my AP is set up as a WDS and another one is an AP within that WDS. The WDS status on my WDs shows the WDS AP's state is Administratively standalone - ACTIVE.
Under AP Information, I have my 2 AP's listed.
Under mobile node information I have my mobile client listed, however it is not picking up a DHCP address even though the state show REGISTERED.
Under Wireless Network Manager my WLSE show up with an authentication status of SECURITY KEYS SETUP.
Because I can't pickup a DHCP address, I believe that the problem may be related to authentication.
I had both of these APs authenticating okay before I changed the configs to WDS.
Is the name of the server group that I created for client access configured on the ACS under user setup, or AAA client???
On page 11-5 of the above document, step 5 indicates that the username and password must be the same as on the ACS. here I put the name that I configured under user setup on the ACS.
on page 11-17 setp 5, the key is the same one I configured as a AAA client on the ACS.
I don't see the link between the server groups that I specified. shouldn't that be linked somehow to the ACS?
I am using LEAP as well as EAP-FAST for authentication.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide