Re: WPA-PSK problems

olhcc · ‎06-06-2008

We have a guest WLAN set up using WPA2-PSK where we give out the generic network key to all users. The thing is, some users can connect, others cannot.

Debugs on the APs show "Authentication Failed." That's it. I know it's not a mistyped key.

I know the APs work, because all of our corporate devices authenticate fine. It;s just the guests on the PSK guest WLAN that have trouble. I guess what I'm asking is: Is there anything I can do to increase compatibility on the WAP? WPA1/TKIP are allowed. I did change the Ethernet Encapsulation Transform on the radio to 802.1H from RFC 1042. Would this even matter?

Scott Fella · ‎06-06-2008

I fyou know the key is not mistyped then take a look at the client driver version. Son old drivers don't work very well with WPA.

-Scott
*** Please rate helpful posts ***

dennischolmes · ‎06-06-2008

Also make sure that the encryption type is set correctly on both the clients and the controller. They could be attempting the wrong encryption as when you set it up in the SSID settings you must set WPA2 policies.

Vinay Saini · ‎06-06-2008

Hii For WPA-PSK to work , you need to make sure.

1. You are selecting correct key type (hex/ascii)

2. You are using same key

3. Check for the corrupt driver versions

4. Are you using same client utility on end devices like cisco ADU ?

5. Capture the auth sequence using airopeek and see the authentication failure reason code

6. Debug the client and see the problem using command "debug client"

olhcc · ‎06-09-2008

Thanks all, the problem was that AeroNet extension were turned on. Lots of WiFi cards, even current ones with current drivers/firmware, can't do WPA-PSK auth with the AeroNet Extension turned on.