12-13-2011 07:35 AM - edited 07-03-2021 09:13 PM
Hi,
It's my first post so I hope I won't forget important details
I try to configure a WorkGroupBridge AP (Cisco 1240) with a LW-AP connected to a WL Controller 4400.
My situation looks like to this one : http://www.cisco.com/en/US/products/ps6366/products_configuration_example09186a0080905cea.shtml
The only thing I have to modify is the authentication encryption.
Below, the WLAN parameters.
Unfortunately and despite of many docs I've found on Cisco website, I don't understand the authentication error I have between WGB and AP.
A debugging on WLC give an infinite result of this error :
*Dec 13 13:24:08.798: 58:8d:09:8e:28:dc Scheduling deletion of Mobile Station: (callerId: 24) in 5 seconds
*Dec 13 13:24:08.851: 58:8d:09:8e:28:dc Scheduling deletion of Mobile Station: (callerId: 24) in 5 seconds
[...]
On the controller, the AP State is on "Probing" status.
On the WGB I just have this error :
%DOT11-4-CANT_ASSOC: Interface Dot11Radio0, cannot associate: WPAIE Invalid unicast suite count: 2
Can you help me to resolve this problem?
So, this is the conf I have configured :
____________________________________________________________________________________________________
version 12.3
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname ap
!
enable secret 5 <Password>
!
clock timezone GMT+1 1
ip subnet-zero
!
!
no aaa new-model
!
dot11 ssid <Wifi SSID>
authentication open eap eap_methods
authentication network-eap eap_methods
authentication key-management wpa
authentication client username <username> password 7 <encrypted password>
infrastructure-ssid
!
dot11 network-map
power inline negotiation prestandard source
!
!
username Cisco password 7 <Encrypted Password>
username cat-tacacs privilege 15 password 7 <Encrypted Password>
!
bridge irb
!
!
interface Dot11Radio0
no ip address
no ip route-cache
!
encryption mode ciphers tkip
!
ssid <Wifi SSID>
!
speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0 54.0
station-role workgroup-bridge
rts threshold 2312
mobile station period 20 threshold 70
beacon period 50
infrastructure-client
bridge-group 1
!
interface Dot11Radio1
no ip address
no ip route-cache
shutdown
no dfs band block
speed basic-6.0 9.0 basic-12.0 18.0 basic-24.0 36.0 48.0 54.0
channel dfs
station-role root
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
bridge-group 1 spanning-disabled
!
interface FastEthernet0
no ip address
no ip route-cache
duplex auto
speed auto
bridge-group 1
bridge-group 1 spanning-disabled
!
interface BVI1
ip address dhcp
no ip route-cache
!
ip http server
no ip http secure-server
ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag
ip radius source-interface BVI1
!
!
control-plane
!
bridge 1 route ip
!
!
!
line con 0
line vty 0 4
login local
!
sntp server <SNTP Server address>
end
__________________________________________________________________________________________________
Looking forward to hearing from you,
J.B
12-13-2011 07:39 AM
on your wlc under your WLAN do you have aironet extensions check boxed ?
Sent from Cisco Technical Support iPhone App
12-13-2011 07:40 AM
What security are you using on your wlc ?
Sent from Cisco Technical Support iPhone App
12-13-2011 07:48 AM
Yes, "Aironet extensions" are checked
What Security? A Radius accounting with TACACS+ for local logging.
12-15-2011 06:16 PM
I see on the bridge you have WPA / TKIP and on your controller you have WPA/WPA2 and AES and TKIP.
hav you tried just allowing WPA / TKIP on your WLC.
12-20-2011 03:06 AM
Yes, I tried... No changes.
12-20-2011 06:43 AM
My advice at this point since its still just in probe state.. Rip the wgb back to basic meaning no security and then start to apply pieces of your Config and test as you go along.
Sent from Cisco Technical Support iPad App
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide