Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computing > Cisco > Aironet 1200, 802.1x and Microsoft IAS (Radius) Server problems...

Reply
Thread Tools

Aironet 1200, 802.1x and Microsoft IAS (Radius) Server problems...

 
 
Martin Bodenstedt
Guest
Posts: n/a
 
      10-14-2004
hi,

does anybody have (or know of) a sample configuration to use the 1200 in
802.1x mode authenticating against a Microsoft Radius server using
Certificates?

any help greatly appreciated!


--
Martin Bodenstedt

www.landtag-bw.de / www.die-bodenstedts.de
 
Reply With Quote
 
 
 
 
John Smith
Guest
Posts: n/a
 
      10-16-2004
i dont...but i was trying to implement the exact same thing just this past
week. i couldn't for the life of me get it to work using a cisco wireless
pc card in my laptop. i tried configuring an EAP server to point to our
domain controller (which had radius installed on it) and even tried these
instructions for configuring the radius server:
http://support.microsoft.com/default...b;en-us;318710
nothing freaking worked...
i couldn't tell if my problem was:
1. the aironet
2. wireless pc card config
3. ms radius (IAS)
if you get it, or anyone else gets that working, definitely please post your
config(s)..!!
THANKS!!!

"Martin Bodenstedt" <(E-Mail Removed)> wrote in message
news:cklgl7$qeh$(E-Mail Removed)...
> hi,
>
> does anybody have (or know of) a sample configuration to use the 1200 in
> 802.1x mode authenticating against a Microsoft Radius server using
> Certificates?
>
> any help greatly appreciated!
>
>
> --
> Martin Bodenstedt
>
> www.landtag-bw.de / www.die-bodenstedts.de



 
Reply With Quote
 
 
 
 
Martin Bodenstedt
Guest
Posts: n/a
 
      10-17-2004
John Smith wrote:

> i dont...but i was trying to implement the exact same thing just this past
> week. i couldn't for the life of me get it to work using a cisco wireless
> pc card in my laptop. i tried configuring an EAP server to point to our
> domain controller (which had radius installed on it) and even tried these
> instructions for configuring the radius server:
> http://support.microsoft.com/default...b;en-us;318710
> nothing freaking worked...
> i couldn't tell if my problem was:
> 1. the aironet
> 2. wireless pc card config
> 3. ms radius (IAS)
> if you get it, or anyone else gets that working, definitely please post your
> config(s)..!!
> THANKS!!!
>


I will!

But I'm still looking...

--
Martin Bodenstedt

(www.die-bodenstedts.de / www.maboko.de)
 
Reply With Quote
 
John Smith
Guest
Posts: n/a
 
      10-21-2004
update:
for the time being i gave up..i could see my wireless trying to authenticate
against IAS (viewable in the event viewer on the windows box) but it was
saying bad username/password....i trying manually entering my username
password using cisco's desktop utility for the pc card and i tried just
checking use windows username/password or whatever..nothing worked...
i have given up and resigned myself to failure.
i implemented wep,wap, and mac authentication instead....ie i tried to use
as much other security as i could....

"Martin Bodenstedt" <(E-Mail Removed)> wrote in message
news:ckthos$7ek$00$(E-Mail Removed)-online.com...
> John Smith wrote:
>
>> i dont...but i was trying to implement the exact same thing just this
>> past week. i couldn't for the life of me get it to work using a cisco
>> wireless pc card in my laptop. i tried configuring an EAP server to
>> point to our domain controller (which had radius installed on it) and
>> even tried these instructions for configuring the radius server:
>> http://support.microsoft.com/default...b;en-us;318710
>> nothing freaking worked...
>> i couldn't tell if my problem was:
>> 1. the aironet
>> 2. wireless pc card config
>> 3. ms radius (IAS)
>> if you get it, or anyone else gets that working, definitely please post
>> your config(s)..!!
>> THANKS!!!
>>

>
> I will!
>
> But I'm still looking...
>
> --
> Martin Bodenstedt
>
> (www.die-bodenstedts.de / www.maboko.de)



 
Reply With Quote
 
flitcraft33 flitcraft33 is offline
Junior Member
Join Date: Mar 2008
Posts: 1
 
      03-07-2008
This config works but does not assign vlans properly.


aaa group server radius rad_eap1
server 10.3.1.2 auth-port 1645 acct-port 1646
!
aaa authentication login default group radius group rad_eap local
aaa authentication login eap_methods group rad_eap
aaa authentication login mac_methods local
aaa authentication login eap_methods1 group rad_eap1
aaa authorization exec default group radius group rad_eap local
aaa accounting network acct_methods start-stop group rad_acct
aaa session-id common
dot11 vlan-name ptc vlan 17
!
d!
dot11 ssid ptc
vlan 17
authentication open eap eap_methods1
authentication network-eap eap_methods1
mbssid guest-mode
!
!
!
username das password 7 08054D58060C11464A5B55
!
bridge irb
!
!
interface Dot11Radio0
no ip address
no ip route-cache
!
encryption vlan 17 mode ciphers aes-ccm
!

!

ssid ptc
!
mbssid
speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0 54.0
channel 2437
station-role root
bridge-group 1
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
bridge-group 1 spanning-disabled
!
interface Dot11Radio0.17
encapsulation dot1Q 17
no ip route-cache
bridge-group 17
bridge-group 17 subscriber-loop-control
bridge-group 17 block-unknown-source
no bridge-group 17 source-learning
no bridge-group 17 unicast-flooding
bridge-group 17 spanning-disabled


Hope this helps.
!
 
Reply With Quote
 
dcpearso dcpearso is offline
Junior Member
Join Date: Mar 2008
Posts: 6
 
      03-08-2008
I have got this working many times using the Cisco Wireless LAN Controller. The process is relativelty simple. I have never tried it on a 1200 series but i would imagine the process is quite similar.

Try http://www.cisco.com/en/US/docs/wire...de/c32sol.html

There is some good information on what groups and aaa messages to send from the radius to the cisco.

Are you using windows radius? If so i can send you a screenshot of how i configured dynamic vlans on it for the wlc.
 
Reply With Quote
 
dbcooper_1 dbcooper_1 is offline
Junior Member
Join Date: Apr 2009
Posts: 1
 
      04-13-2009
I would be most greatful for a screenshot of your windows radius setup. I am in the process of getting my network tied down.
Thanks!
 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Cisco Aironet 1100 LEAP, MS IAS Auth error; what is wrong with my config? data_noid Hardware 0 11-27-2009 09:10 PM
Aironet 1200 and Aironet 1300 compatible? Andre Paetzold Cisco 2 12-09-2004 07:48 AM
microsoft.public.dotnet.faqs,microsoft.public.dotnet.framework,microsoft.public.dotnet.framework.windowsforms,microsoft.public.dotnet.general,microsoft.public.dotnet.languages.vb Charles A. Lackman ASP .Net 1 12-08-2004 07:08 PM
Aironet 1200 AP against IAS jt Cisco 6 05-07-2004 12:37 PM
Configuring Cisco Aironet 350 Access Points to work with MS IAS MS Newbie Cisco 0 11-01-2003 10:14 AM



Advertisments