04-04-2007 08:29 AM - edited 07-03-2021 01:53 PM
I have the following:
ACS 4.1
1200 AP 12.3(8)JEA1
Windows XP SP2 with WPA2 update.
My AP is set to authenticate to ACS for EAP requests, my ACS is setup to allow PEAP, and my client is using PEAP.
When my AP does not have "authentication key-management wpa" it works fine, but as soon as I enable that, my client can no longer connect.
In other words, it works with WEP encryption, but not with WPA2 AES. I obviously select WPA2 with AES on my client and have encryption set to AES-CCMP on the AP when doing this.
If I have the same exact WPA setup on my AP, but use a LEAP client, that works great. Problem is, LEAP is insecure and needs an additional supplicant(PEAP is built into XP sp2).
Any ideas?
04-04-2007 09:27 AM
using debug dot11 station conn failures i get:
Apr 4 13:24:02.218 EST: Client 000c.f144.48b2 failed: WPAIE not found and required
Apr 4 13:24:19.549 EST: Client 0019.7d52.bd57 failed: Timeout waiting for clien
t EAP auth response
Apr 4 13:24:19.549 EST: %DOT11-7-AUTH_FAILED: Station 0019.7d52.bd57 Authentica
tion failed
Apr 4 13:24:19.996 EST: DOT11 EVENT:(adding)client->key_details.encrypt_type is
200
Apr 4 13:24:40.038 EST: Client 0019.7d52.bd57 failed: Timeout waiting for clien
t EAP auth response
repeatedly....any ideas? I'm using a self-signed certificate.
04-04-2007 09:39 AM
apparently, im good at solving my own problems...I disabled qos, and it associated, I reenabled qos and it works...any idea why this would do it?
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide