cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1251
Views
0
Helpful
2
Replies

WLC Web-auth fail with external RADIUS server

I follow step by step the link bellow to configure web-auth with external RADIUS server but I receive a error on console debug of the WLC "Returning AAA Error No Server (-7) for mobile"

My Radius Server is fine, because I can authenticate on WLC Web page with RADIUS user.

WLC 4402 version 4.1.171.0

http://www.cisco.com/en/US/products/ps6366/prod_technical_reference09186a0080706f5f.html

2 Replies 2

rochopra
Cisco Employee
Cisco Employee

Hi,

What is the error you get on radius server. Do you get any hits for the authentication request.

Have a look at the following link:

http://cisco.com/en/US/tech/tk722/tk809/technologies_configuration_example09186a008067489f.shtml#two

Hope this helps.

Regards

Rohit

Hi,

I am having some issues when I try to authenticate an AD account against a NAP Radius Server on Windows 2008.

In fact, I own a WLC 2106 and I configured it to authenticate users againts a radius Server with Active Directory. I set the Web Radius Authentication to CHAP on the controller tab from the WLC 2106 and i am getting the error below  

: Authentication failed for gcasanova. When I set the controller to  Web Radius Authentication to PAP, everything is working fine. I am able to connect to through the controller using an AD Account. But my purpose is not use PAP which is an unsecure protocol since password are sent as plaintext on the network.

Can someone tell me what's wrong?

*radiusTransportThread: Oct 26 11:02:13.975:    proxyState......................                                                                                                 .............00:24:D7:40:E5:00-00:00

*radiusTransportThread: Oct 26 11:02:13.975:    Packet contains 0 AVPs:

*emWeb: Oct 26 11:02:13.977: Authentication failed for gcasanova
*aaaQueueReader: Oct 26 11:02:29.985: AuthenticationRequest: 0xb6564634


*aaaQueueReader: Oct 26 11:02:29.985:   Callback.....................................0x8576720

*aaaQueueReader: Oct 26 11:02:29.985:   protocolType.................................0x00000001

*aaaQueueReader: Oct 26 11:02:29.985:   proxyState...................................00:24:D7:40:E5:00-00:00

*aaaQueueReader: Oct 26 11:02:29.986:   Packet contains 11 AVPs (not shown)

*aaaQueueReader: Oct 26 11:02:29.986: apfVapRadiusInfoGet: WLAN(4) dynamic int attributes srcAddr:0x0, gw:0x0, mask:0x0, vlan:0, dpPort:0, srcPort:0
*aaaQueueReader: Oct 26 11:02:29.986: 00:24:d7:40:e5:00 Successful transmission of Authentication Packet (id 86) to 10.2.0.15:1812, proxy state 00:24:d7:40:e5:00-00:00
*aaaQueueReader: Oct 26 11:02:29.987: 00000000: 01 56 00 9a 8e 48 e7 20  1d ef be 29 e6 3a 61 6d  .V...H.....).:am
*aaaQueueReader: Oct 26 11:02:29.987: 00000010: 2b de 07 24 01 0b 67 63  61 73 61 6e 6f 76 61 3c  +..$..gcasanova<
*aaaQueueReader: Oct 26 11:02:29.987: 00000020: 12 3c ce a0 87 ac df 7a  a5 35 af 7c ef 83 c7 58  .<.....z.5.|...X
*aaaQueueReader: Oct 26 11:02:29.987: 00000030: ed 03 13 28 a7 5a 0d 26  6d ab 49 ea da 7c 5a 8e  ...(.Z.&m.I..|Z.
*aaaQueueReader: Oct 26 11:02:29.987: 00000040: 1d 94 70 69 06 06 00 00  00 01 04 06 0a 02 00 06  ..pi............
*aaaQueueReader: Oct 26 11:02:29.987: 00000050: 05 06 00 00 00 01 20 0a  50 41 52 2d 57 4c 43 31  ........PAR-WLC1
*aaaQueueReader: Oct 26 11:02:29.987: 00000060: 3d 06 00 00 00 13 1a 0c  00 00 37 63 01 06 00 00  =.........7c....
*aaaQueueReader: Oct 26 11:02:29.988: 00000070: 00 04 1f 0c 31 30 2e 32  2e 30 2e 31 35 36 1e 0a  ....10.2.0.156..
*aaaQueueReader: Oct 26 11:02:29.988: 00000080: 31 30 2e 32 2e 30 2e 36  50 12 7f 86 5a c5 61 ad  10.2.0.6P...Z.a.
*aaaQueueReader: Oct 26 11:02:29.988: 00000090: af 54 fa fa 42 e7 f6 16  9e 10                    .T..B.....
*radiusTransportThread: Oct 26 11:02:29.988: 00000000: 03 56 00 14 a9 10 07 84  83 00 87 83 b9 10 64 e1  .V............d.
*radiusTransportThread: Oct 26 11:02:29.988: 00000010: 66 b3 c5 5e                                       f..^
*radiusTransportThread: Oct 26 11:02:29.988: ****Enter processIncomingMessages: response code=3

*radiusTransportThread: Oct 26 11:02:29.988: ****Enter processRadiusResponse: response code=3

*radiusTransportThread: Oct 26 11:02:29.988: 00:24:d7:40:e5:00 Access-Reject received from RADIUS server 10.2.0.15 for mobile 00:24:d7:40:e5:00 receiveId = 0
*radiusTransportThread: Oct 26 11:02:29.989: 00:24:d7:40:e5:00 Returning AAA Error 'Authentication Failed' (-4) for mobile 00:24:d7:40:e5:00
*radiusTransportThread: Oct 26 11:02:29.989: AuthorizationResponse: 0xb97fe774


*radiusTransportThread: Oct 26 11:02:29.989:    structureSize................................32

*radiusTransportThread: Oct 26 11:02:29.989:    resultCode...................................-4

*radiusTransportThread: Oct 26 11:02:29.989:    protocolUsed.................................0xffffffff

*radiusTransportThread: Oct 26 11:02:29.989:    proxyState...................................00:24:D7:40:E5:00-00:00

*radiusTransportThread: Oct 26 11:02:29.989:    Packet contains 0 AVPs:

Review Cisco Networking for a $25 gift card