Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computing > Cisco > Aironet with IOS code and Intel 2100 Wireless cards

Reply
Thread Tools

Aironet with IOS code and Intel 2100 Wireless cards

 
 
Barry
Guest
Posts: n/a
 
      01-19-2005
In my process of upgradig my Aironet 350APs to IOS I have run across an
issue with non Cisco card Leap use.

I have two laptops that don't work right
1. a Dell Latitude D800 with built in Intel 2100
2. a Toshiba Protege touchpad with build in Intel 2100

both did leap just fine in vxworks.
now after the upgrade to IOS

1. the Dell requires that I have have "open with eap" set on the ssid.
This forces me to use leap on that ssid and elimnates simply using wep on
the same ssid
2. the Toshiba doesn't work with or without the "open with eap" setting

I have another Dell laptop using a Dell braned a/b/g card that works just
fine without open set.

I have been talking with cisco tac, but they have not been able to provide a
solution yet. anyone else experience a similar issue when upgrading to IOS?
These above issues are also a problem with my 1231G APs that only run IOS


thanks
barry


 
Reply With Quote
 
 
 
 
Andrey Tarasov
Guest
Posts: n/a
 
      01-19-2005
Hello, Barry!
You wrote on Wed, 19 Jan 2005 14:25:58 -0600:

B> In my process of upgradig my Aironet 350APs to IOS I have run
B> across an issue with non Cisco card Leap use.

B> I have two laptops that don't work right
B> 1. a Dell Latitude D800 with built in Intel 2100
B> 2. a Toshiba Protege touchpad with build in Intel 2100

B> both did leap just fine in vxworks.
B> now after the upgrade to IOS

B> 1. the Dell requires that I have have "open with eap" set on
B> the ssid. This forces me to use leap on that ssid and elimnates
B> simply using wep on the same ssid
B> 2. the Toshiba doesn't work with or without the "open with eap"
B> setting

B> I have another Dell laptop using a Dell braned a/b/g card that
B> works just fine without open set.

B> I have been talking with cisco tac, but they have not been able to
B> provide a solution yet. anyone else experience a similar issue
B> when upgrading to IOS? These above issues are also a problem with
B> my 1231G APs that only run IOS

And relevant part of config looks like...?

With best regards,
Andrey.
 
Reply With Quote
 
 
 
 
Barry Gross
Guest
Posts: n/a
 
      01-19-2005

ssid xxxx
vlan xxx
authentication open eap eap_methods
authentication network-eap eap_methods

> And relevant part of config looks like...?
>
> With best regards,
> Andrey.



 
Reply With Quote
 
Andrey Tarasov
Guest
Posts: n/a
 
      01-19-2005
Hello, Barry!
You wrote on Wed, 19 Jan 2005 15:15:43 -0600:


BG> ssid xxxx
BG> vlan xxx
BG> authentication open eap eap_methods
BG> authentication network-eap eap_methods

??>> And relevant part of config looks like...?
??>>

I got it. It's a search for people with mind reading abilities. Sorry, I'm not
qualified.

With best regards,
Andrey.

 
Reply With Quote
 
z400d3
Guest
Posts: n/a
 
      01-20-2005
Hi Barry,

First off, I would reccomend that you get this client software and use
it for testing as it will eliminate the diferences between the card
client software and give you an even playing field to start with.

Odyssey Client from www.funk.com

Here is a sample config from a 1231 running leap and wep sucsesfully
....


!
version 12.2
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname HOSTNAME
!
enable secret 5 XXXXXXXXXXXXXXXXXX
!
username Cisco password 7 135C424A535B57
ip subnet-zero
!
aaa new-model
!
!
aaa group server radius ssid
server 10.13.13.5 auth-port 1812 acct-port 1813
!
aaa authentication login eap_methods group ssid
aaa authorization exec default local
aaa accounting network acct_methods start-stop group rad_acct
aaa session-id common
!
bridge irb
!
!
interface Dot11Radio0
no ip address
no ip route-cache
!
encryption key 1 size 128bit 7 XXXXXXXXXXXXXXX transmit-key
encryption mode wep mandatory
!
ssid ssid
authentication open eap eap_methods
authentication network-eap eap_methods
!
speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0
36.0 48.0 54.0
rts threshold 2312
power client 50
channel 2432
station-role root
dot1x reauth-period server
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
bridge-group 1 spanning-disabled
!
interface FastEthernet0
ip address 10.13.13.100 255.255.255.0
no ip route-cache
speed 100
full-duplex
bridge-group 1
no bridge-group 1 source-learning
bridge-group 1 spanning-disabled
!
interface BVI1
ip address 10.13.13.5 255.255.255.0
no ip route-cache
!
ip default-gateway 10.13.13.254
ip http server
ip http help-path
http://www.cisco.com/warp/public/779...eag/ivory/1100
ip radius source-interface BVI1
radius-server local
nas 10.13.13.5 key 7 XXXXXXXX
group GROUP
ssid ssid
!
user chris nthash 7
040B52275D711D1A5C4F2731465E2D20087E0071636D033156 425255027B0A7177
group GROUP
user jon nthash 7
13573342292F530C0E7D0B176C704A543527220E0E7A010558 5139430B79037202
group GROUP
user anthony nthash 7
13554E33595C557E7E720A15617732233456250F090072765F 5749420D7A057171
group GROUP
!
radius-server host 10.13.13.5 auth-port 1812 acct-port 1813 key 7
XXXXXXX
radius-server attribute 32 include-in-access-req format %h
radius-server authorization permit missing Service-Type
radius-server vsa send accounting
bridge 1 route ip
!
banner motd
! Authorised personnel only !

!
line con 0
line vty 0 4
password 7 XXXXXXXXXXX
line vty 5 15
password 7 XXXXXXXXXX
!
end


On Wed, 19 Jan 2005 14:25:58 -0600, "Barry" <(E-Mail Removed)>
wrote:

>In my process of upgradig my Aironet 350APs to IOS I have run across an
>issue with non Cisco card Leap use.
>
>I have two laptops that don't work right
>1. a Dell Latitude D800 with built in Intel 2100
>2. a Toshiba Protege touchpad with build in Intel 2100
>
>both did leap just fine in vxworks.
>now after the upgrade to IOS
>
>1. the Dell requires that I have have "open with eap" set on the ssid.
>This forces me to use leap on that ssid and elimnates simply using wep on
>the same ssid
>2. the Toshiba doesn't work with or without the "open with eap" setting
>
>I have another Dell laptop using a Dell braned a/b/g card that works just
>fine without open set.
>
>I have been talking with cisco tac, but they have not been able to provide a
>solution yet. anyone else experience a similar issue when upgrading to IOS?
>These above issues are also a problem with my 1231G APs that only run IOS
>
>
>thanks
>barry
>


Drop the ZZZ to reply

Cheers ...
 
Reply With Quote
 
Barry Gross
Guest
Posts: n/a
 
      01-20-2005
Hello Andrey,

My origninal questin was "anyone else experience a similar issue when
upgrading to IOS?". Obviously you haven't and you don't understand my
problem and thus are not likely able to answer my question. Take your bad
day out on someone else please.

Regards,
Barry
"Andrey Tarasov" <(E-Mail Removed)> wrote in message
news:csmm3d$27ht$(E-Mail Removed)...
> Hello, Barry!
> You wrote on Wed, 19 Jan 2005 15:15:43 -0600:
>
>
> BG> ssid xxxx
> BG> vlan xxx
> BG> authentication open eap eap_methods
> BG> authentication network-eap eap_methods
>
> ??>> And relevant part of config looks like...?
> ??>>
>
> I got it. It's a search for people with mind reading abilities. Sorry, I'm
> not
> qualified.
>
> With best regards,
> Andrey.
>



 
Reply With Quote
 
Barry Gross
Guest
Posts: n/a
 
      01-20-2005
thanks,
i tried the funk client on got the same results
hers it the 350 config. when i have the auth set to open with eap my
handhelds doing just wep could not connect, but with auth open no addition
my intel 2100 cards could not do leap. the vlan in question is 342


!
! Last configuration change at 15:06:46 S Wed Jan 19 2005
! NVRAM config last updated at 15:06:46 S Wed Jan 19 2005
!
version 12.2
no service pad
service timestamps debug datetime msec
service timestamps log datetime localtime
service password-encryption
!
hostname HOSTNAME
!
logging queue-limit 100
logging buffered informational
logging console informational
enable secret
!
username
clock timezone S -6
clock summer-time S recurring
ip subnet-zero
ip domain name
ip name-server x.x.x.x
!
aaa new-model
!
!
aaa authentication login default local
aaa authentication login mac_methods local
aaa authorization exec default local
aaa session-id common
no dot11 igmp snooping-helper
iapp standby timeout 5
iapp standby poll-frequency 1
!
!
!
class-map match-all _class-48
match ip dscp cs6
class-map match-all _class-18
match ip dscp af21
class-map match-all _class-26
match ip dscp af31
class-map match-all _class-40
match ip dscp cs5
class-map match-all _class-24
match ip dscp cs3
class-map match-all _class-16
match ip dscp cs2
class-map match-all _class-34
match ip dscp af41
class-map match-all _class-10
match ip dscp af11
class-map match-all _class-32
match ip dscp cs4
class-map match-all _class-46
match ip dscp ef
class-map match-all _class-56
match ip dscp cs7
class-map match-all _class-8
match ip dscp cs1
class-map match-all _class-0
match ip dscp default
class-map match-all _class_Protocol_202_PF_202_119
match access-group name PF_202_119
!
!
policy-map _policy_Voice_Over_IP_202
class _class_Protocol_202_PF_202_119
set cos 6
policy-map fallback_policy
class _class-0
set cos 0
class _class-8
set cos 1
class _class-10
set cos 1
class _class-16
set cos 2
class _class-18
set cos 2
class _class-24
set cos 3
class _class-26
set cos 3
class _class-32
set cos 4
class _class-34
set cos 4
class _class-40
set cos 5
class _class-46
set cos 5
class _class-48
set cos 6
class _class-56
set cos 7
!
bridge irb
!
!
interface Dot11Radio0
no ip address
no ip route-cache
!
encryption vlan 346 mode wep optional
!
encryption vlan 345 key 1 size 128bit 7 xxxxxxxxxxxxxxxx transmit-key
encryption vlan 345 mode wep mandatory
!
encryption vlan 344 key 1 size 128bit 7 xxxxxxxxxxxxxxxxxxx transmit-key
encryption vlan 344 mode wep mandatory
!
encryption vlan 343 key 1 size 128bit 7 xxxxxxxxxxxxxxxxxxxxxxx
transmit-key
encryption vlan 343 key 2 size 128bit 7 xxxxxxxxxxxxxxxxxxxx
encryption vlan 343 mode wep mandatory
!
encryption vlan 342 key 1 size 128bit 7 xxxxxxxxxxxxxxxxxxxxxxx
transmit-key
encryption vlan 342 mode wep mandatory
!
encryption vlan 341 key 1 size 128bit 7 xxxxxxxxxxxxxxxxxxxxxxxxx
transmit-key
encryption vlan 341 key 2 size 128bit 7 xxxxxxxxxxxxxxxxxxxxxxx
encryption vlan 341 mode wep mandatory
!
encryption vlan 34 key 1 size 128bit 7 xxxxxxxxxxxxxxxxxxxxxxxxx
transmit-key
encryption vlan 34 mode wep mandatory
!
encryption mode wep mandatory key-hash
!
ssid xxx346
vlan 346
authentication open
!
ssid xxx344
vlan 344
authentication open
authentication network-eap eap_methods
!
ssid xxx345
vlan 345
authentication open
!
ssid xxxx34
vlan 34
authentication open eap eap_methods
authentication network-eap eap_methods
!
ssid xxxx342
vlan 342
authentication open eap eap_methods
authentication network-eap eap_methods
!
ssid xxxx342
vlan 343
authentication open eap eap_methods
authentication network-eap eap_methods
!
ssid xxxx341
vlan 341
authentication open
authentication network-eap eap_methods
!
traffic-class background cw-min 5 cw-max 8 fixed-slot 2
traffic-class best-effort cw-min 5 cw-max 8 fixed-slot 6
traffic-class video cw-min 4 cw-max 6 fixed-slot 1
traffic-class voice cw-min 3 cw-max 7 fixed-slot 1
speed basic-11.0
rts threshold 2339
rts retries 32
power local 100
packet retries 32
no preamble-short
channel 2442
fragment-threshold 2338
station-role root fallback shutdown
no cdp enable
infrastructure-client
!
interface Dot11Radio0.34
encapsulation dot1Q 34 native
service-policy output fallback_policy
no ip route-cache
no cdp enable
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
bridge-group 1 spanning-disabled
!
interface Dot11Radio0.341
encapsulation dot1Q 341
service-policy output fallback_policy
no ip route-cache
no cdp enable
bridge-group 250
bridge-group 250 subscriber-loop-control
bridge-group 250 block-unknown-source
no bridge-group 250 source-learning
no bridge-group 250 unicast-flooding
bridge-group 250 spanning-disabled
!
interface Dot11Radio0.342
encapsulation dot1Q 342
service-policy output fallback_policy
no ip route-cache
no cdp enable
bridge-group 251
bridge-group 251 subscriber-loop-control
bridge-group 251 block-unknown-source
no bridge-group 251 source-learning
no bridge-group 251 unicast-flooding
bridge-group 251 spanning-disabled
!
interface Dot11Radio0.343
encapsulation dot1Q 343
service-policy output fallback_policy
no ip route-cache
no cdp enable
bridge-group 252
bridge-group 252 subscriber-loop-control
bridge-group 252 block-unknown-source
no bridge-group 252 source-learning
no bridge-group 252 unicast-flooding
bridge-group 252 spanning-disabled
!
interface Dot11Radio0.344
encapsulation dot1Q 344
service-policy output fallback_policy
no ip route-cache
no cdp enable
bridge-group 253
bridge-group 253 subscriber-loop-control
bridge-group 253 block-unknown-source
no bridge-group 253 source-learning
no bridge-group 253 unicast-flooding
bridge-group 253 spanning-disabled
!
interface Dot11Radio0.345
encapsulation dot1Q 345
service-policy output fallback_policy
no ip route-cache
no cdp enable
bridge-group 254
bridge-group 254 subscriber-loop-control
bridge-group 254 block-unknown-source
no bridge-group 254 source-learning
no bridge-group 254 unicast-flooding
bridge-group 254 spanning-disabled
!
interface Dot11Radio0.346
encapsulation dot1Q 346
service-policy output fallback_policy
no ip route-cache
no cdp enable
bridge-group 255
bridge-group 255 subscriber-loop-control
bridge-group 255 block-unknown-source
no bridge-group 255 source-learning
no bridge-group 255 unicast-flooding
bridge-group 255 spanning-disabled
!
interface FastEthernet0
no ip address
no ip route-cache
duplex auto
speed auto
ntp broadcast client
!
interface FastEthernet0.34
encapsulation dot1Q 34 native
service-policy output fallback_policy
no ip route-cache
bridge-group 1
no bridge-group 1 source-learning
bridge-group 1 spanning-disabled
!
interface FastEthernet0.341
encapsulation dot1Q 341
service-policy output fallback_policy
no ip route-cache
bridge-group 250
no bridge-group 250 source-learning
bridge-group 250 spanning-disabled
!
interface FastEthernet0.342
encapsulation dot1Q 342
service-policy output fallback_policy
no ip route-cache
bridge-group 251
no bridge-group 251 source-learning
bridge-group 251 spanning-disabled
!
interface FastEthernet0.343
encapsulation dot1Q 343
service-policy output fallback_policy
no ip route-cache
bridge-group 252
no bridge-group 252 source-learning
bridge-group 252 spanning-disabled
!
interface FastEthernet0.344
encapsulation dot1Q 344
service-policy output fallback_policy
no ip route-cache
bridge-group 253
no bridge-group 253 source-learning
bridge-group 253 spanning-disabled
!
interface FastEthernet0.345
encapsulation dot1Q 345
service-policy output fallback_policy
no ip route-cache
bridge-group 254
no bridge-group 254 source-learning
bridge-group 254 spanning-disabled
!
interface FastEthernet0.346
encapsulation dot1Q 346
service-policy output fallback_policy
no ip route-cache
bridge-group 255
no bridge-group 255 source-learning
bridge-group 255 spanning-disabled
!
interface BVI1
ip address dhcp client-id FastEthernet0
no ip route-cache
!
ip default-gateway 172.18.1.1
ip http server
ip http help-path
http://www.cisco.com/warp/public/779...eag/ivory/1100
ip http authentication aaa
ip radius source-interface BVI1
!
ip access-list extended PF_202
permit 119 any any
permit ip any any
ip access-list extended PF_202_119
permit 119 any any
permit ip any any
logging trap warnings
logging facility local0
logging 10.101.1.183
snmp-server view iso_view iso included
snmp-server community
snmp-server enable traps tty
snmp-server enable traps disassociate
snmp-server enable traps deauthenticate
snmp-server enable traps authenticate-fail
radius-server authorization permit missing Service-Type
radius-server vsa send accounting
radius-server vsa send authentication
bridge 1 route ip
!
!
!
line con 0
stopbits 1
line vty 5 15
terminal-type teletype
!
ntp clock-period 17206570
ntp server 10.101.1.6
end



"z400d3" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> Hi Barry,
>
> First off, I would reccomend that you get this client software and use
> it for testing as it will eliminate the diferences between the card
> client software and give you an even playing field to start with.
>
> Odyssey Client from www.funk.com
>



 
Reply With Quote
 
Uli Link
Guest
Posts: n/a
 
      02-18-2005
Barry Gross schrieb:

> !
> encryption vlan 342 key 1 size 128bit 7 xxxxxxxxxxxxxxxxxxxxxxx
> transmit-key
> encryption vlan 342 mode wep mandatory
> !


Use cipher wep128 (or better: ckip-cmic) instead of wep.
AFAIR when using dynamic keys through LEAP you must not set a key in
slot 1 *and* slot 4.
This is different behaviour of the IOS and VxWorks APs.

--
Uli

These opinions are mine. All found typos are yours.
 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Please help - Intel Pro/Wireless LAN 2100 3A mini PCI adapter =?Utf-8?B?Q3VyaW91cyBDYWxseQ==?= Wireless Networking 3 01-22-2008 08:15 PM
an Intel PRO/DSL 2100 or Intel PRO/DSL 2200 Modem roberthob Computer Support 0 09-25-2005 05:51 PM
Replace a non IOS 350 Cisco Aironet bridge with IOS Mr Corbett Cisco 5 08-19-2005 09:40 PM
where to get latest Drivers for Intel Pro/wireless 2100 mini pci adapter Headtheball Wireless Networking 5 09-10-2004 07:19 AM
Re: Tosh Satellite Pro 2100 and wireless cards. John Owens Computer Support 1 11-06-2003 05:57 PM



Advertisments