Buy or Renew
Buy or Renew
Cisco Virtual Engineer generative AI bot now active in Wireless Discussion Forum. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
543
Views
0
Helpful
4
Replies

WDS 1210

jefvaneijk
Level 1
Level 1

‎08-24-2005 12:57 AM - edited ‎07-04-2021 11:03 AM

Afhter days of work i get local radius working and also WDS.

I have one AP that act as a radius server. To auth the other AP's i have ena LEAP. I see that the AP's are registered. But what now? i can only connect with my laptop on one AP (the one with local radius) Ik i go to a other AP with different SSID and i try to connect it does'nt work. I tought that in WDS mode every AP send it's data to the main AP? Or must i also configure the other AP the same as the main AP?

Thx

Labels:
0 Helpful
4 Replies 4

s.vautour
Level 1
Level 1

‎08-24-2005 06:44 AM

What authentication & encryption protocols are you trying to use with your WLAN clients?

Can you post your configs of your WDS Server & WDS Client?

Serge

0 Helpful

jefvaneijk
Level 1
Level 1
In response to s.vautour

‎08-24-2005 06:52 AM

Hi,

I use WPA2 with fast-eap. What i dont understand how to configure the second AP so that i can also connet whit the same credentilas as the MAIN ap.

Whe use two vlan's, one native and one where to users are.

0 Helpful

s.vautour
Level 1
Level 1
In response to jefvaneijk

‎08-24-2005 07:48 AM

Here's partial config:

WDS Client:

ssid SSIDNAME

!The method doesn't have the defined on this AP

authentication open eap eap_methods

wlccp ap username XXXXXX password YYYYYYY

!This LEAP U/P must exist on RADIUS Server that the WDS Server points to for WDS Client authentication ( could be local Radius on the WDS AP or remote Radius Server).

WDS Server:

aaa group server radius rad_eap

server 1.2.3.4 auth-port 1812 acct-port 1813

!This group will Auth WLAN Clients

aaa group server radius rad_wds

server 1.2.3.5 auth-port 1812 acct-port 1813

!This group will Auth WDS Client APs (could be the same IP as the WLAN Clients)

!

aaa authentication login eap_methods group rad_eap

aaa authentication login wds_methods group rad_wds

aaa authentication login client_methods group rad_eap

!

ssid SSIDNAME

authentication open eap eap_methods

!

wlccp authentication-server infrastructure wds_methods

!Defines which method to use to auth WDS Client APs

wlccp authentication-server client any client_methods

!Defines which method to use to auth WLAN Clients

With WDS properly configured, you should see the WDS Client from the Server (show wlccp). The WDS Client AP authenticates itself to the WDS Server using LEAP. When authenticated correctly, the WDS Client AP will forward all EAP requests to the WDS Server who will then forward them on to the defined Radius Server. Any EAP type can be used to authenticate the WLAN users.

I hope this helps.

Serge

0 Helpful

jefvaneijk
Level 1
Level 1
In response to s.vautour

‎08-25-2005 02:09 AM

Oke WDS is working, but i have two problems. On my latop i try to connect with WPA2 and EAP-FAST. I type i the username and passw but i still get the following back.

"802.1x Auth has failed due a challange failure. This may have happend because of wrong user credentials"

Must i use a PAC file?

The second AP how must i configure this? The same as the first onle with a different SSID?

Config of master WDS is attached

Preview file
5 KB
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card