04-02-2013 12:08 PM - edited 07-03-2021 11:49 PM
Hi All
Has anyone any experience of using a Cisco 5508 controller (code version 7.4.100.0) with an ACS appliance running version 4.1 or 4.2?
I've found that the ACS constantly reports a 'Bad request from NAS' (Invalid message authenticator in EAP request). message. This usually indicates a mismatched shared secret but this isn't the case.
The controller works fine opposite a Microsoft NPS Radius Server.
Regards
Roger
04-02-2013 12:19 PM
Make sure you don't have Radius Server Overwrite interface under the WLAN > Security > AAA. Also make sure the NAD ID is the hostname of the WLC under the WLAN > General tab.
Thanks,
Scott
Help out other by using the rating system and marking answered questions as "Answered"
04-02-2013 12:23 PM
Hi Scott
I've already checked these elements and they are fine.
I am sceptical about the NAS ID that's now in the WLC configuration.
However, I can't verify that for certain.
04-02-2013 12:26 PM
By default the NAS-ID on the WLAN is the hostname of the WLC. If that is changed and the WLC was rebooted, then the NAS-ID that will be seen by the radius is that under the WLAN. The Radius server Overwrite interface will change the NAS-ID to the dynamic interface and not the management interface.
Thanks,
Scott
Help out other by using the rating system and marking answered questions as "Answered"
04-02-2013 12:30 PM
I know all that and everything is fine.
The NAS-ID is the hostname of the WLC and has not been changed.
The NAS-ID shown in the ACS logs is also correct.
As I also pointed out - the controller works fine with a different Radius server.
04-02-2013 12:33 PM
I had 4.2 running with no issues but on the early 7.3 for testing. The only thing I had issues with was what I had mentioned. Maybe it is an issue with 7.4 and ACS 4.2, but radius is radius so its hard to say that its a compatibility issue.
Thanks,
Scott
Help out other by using the rating system and marking answered questions as "Answered"
04-02-2013 12:42 PM
I'll have to try and do some more tests. I can't see any bugs relating to this issue.
Its an odd one for sure.
Thanks anyway Scott.
06-30-2013 08:09 PM
Hi Gents,
I have the same issue with our ACS server logs filling up like crazy. All entries from WLCs and I have tried what yo guys have talked on this thred but with no luck. Just wanted to ask if you were able to resolve or rectify this issue by any chance.
Cheers.
07-08-2013 04:10 AM
Hi Kasun
I didn't resolve it. However, there are allegedly a large number of bugs with the 7.4.100.0 code so possibly this is the issue. There should now be a later version of code on CCO so I'd try that first.
07-08-2013 02:59 PM
Hi Roger,
We have updated the 5508s to software version 7.2.111.3 and our ACS is 4.2(0) Build 124 Patch 7. However I have tried almost everything I can find as appropriate suggestions from forums. Anyway thanks you for the reply, please update if you get to know any further.
Cheers
07-10-2013 02:45 PM
Hello,
As per your query i can suggest you the following solution-
Please refer to the link-
Hope this will help you.
07-11-2013 03:05 AM
So you have directed us to the manual for version 7.4 - what exactly are you trying to highlight?
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide