11-08-2007 05:31 AM - edited 07-03-2021 02:54 PM
I am trying to get the AP's that I manage to authenticate users against our Active Directory using Microsoft IAS. I have a combination of AP1231G and AP1131G units which have been configured to authenticate against the IAS server, but my auths are failing. The basics of the Configs are as follows:
AP's
aaa group server radius rad_eap
server 10.X.X.X auth-port 1812 acct-port 1813
dot11 ssid test
authentication open eap eap_methods
authentication network-eap eap_methods
authentication key-management wpa
radius-server attribute 32 include-in-access-req format %h
radius-server host 10.3.24.16 auth-port 1812 acct-port 1813
radius-server vsa send accounting
The IAS is configured for PEAP/MS-CHAPv2
Ant thoughts on why my Auths are failing?
11-09-2007 06:39 AM
Could be all sorts of things : ) What errors are there in the AP logs? In the EV on the server running IAS? How is your certificate configured and deployed?
A really good tool for configuring this setup on a Windows network is the Microsoft WLAN-PEAP Toolkit available from here:
http://go.microsoft.com/fwlink/?linkid=23481
It's got some very good scripts which do almost all the configuration you need for IAS, Cert Authority, etc, etc and some very good documentation on setting it all up and configuring it.
11-09-2007 06:47 AM
Thanks, Some really helpful info here. I tracked the problem down to a Remote Access Policy that was just a bit too narrow in scope and corrected the issue. Everything is working now.
Thanks for the info.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide