Buy or Renew
Buy or Renew
Cisco Virtual Engineer generative AI bot now active in Wireless Discussion Forum. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1251
Views
4
Helpful
3
Replies

Network EAP and MS RADIUS / CA

dougtraser
Level 1
Level 1

‎11-17-2006 04:41 PM - edited ‎07-03-2021 01:15 PM

Ok, I have been going crazy for 3 days now trying to get 2 Aironet 1310 AP/Bridges to connect the Root Bridge and Non-Root Bridge using Microsoft CA, Microsoft RADIUS and network EAP. I don't know if I'm just not getting it or what. The Non-Root bridge keeps indicating "Interface Dot11Radio0, cannot associate: EAP authenticating" and on the RADIUS server, I am getting in the event log for IAS "The client could not be authenticated because the Extensible Authentication Protocol (EAP) Type cannot be processed by the server."

I have repeatedly enrolled the non-root bridge with the MS CA with the MSCEP extensions installed but the non-root bridge does not seem to get the certificate from the server.

So what I really am asking, does anyone know of any documentation on how to configure a point to point WLAN using MS Certificate Authority, MS RADIUS and network EAP?

Labels:
0 Helpful
3 Replies 3

frankzehrer
Level 4
Level 4

‎11-18-2006 01:20 AM

Hi Doug,

best source for documentation, setup guides

http://wireless.dweezle.org

And he has one there specifically for PEAP setup to an IAS server. Very nice walk through on it.

Or in the Cisco Web page.

http://www.cisco.com/en/US/products/hw/wireless/ps430/products_technical_reference_chapter09186a008025d6ee.html

Of course Cisco uses the ACS, but this document gives you a good overview about the CA, APs and authentication.

Best regards,

Frank

P.S. Please rate helpfull posts

0 Helpful

dougtraser
Level 1
Level 1
In response to frankzehrer

‎11-22-2006 10:32 AM

wireless.dweezle.org has great information for configuring Access Points for client connectivity. What I am looking for is non-root bridge connecting to root bridge only, no clients at all.

I can get WPAv2 with PSK working just fine but what I want is to secure it as much as possible. Perhaps I don't understand the Cisco Aironet products well enough to know how to do this.

scottmac
Level 10
Level 10

‎11-18-2006 10:23 AM

What kind of EAP are you using?

IAS doesn't support LEAP or EAP-Fast.

You can do EAP-TLS, MD5, PEAP, MAC, EAP-TTLS ... but MS doesn't do LEAP or EAP-Fast.

Good Luck

Scott

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card