LWAPP Authentication Misery

Discussion in 'Cisco' started by talent-keyhole, Aug 28, 2007.

  1. We have an intermittent LWAPP LEAP authentication problem. Does any of
    the errors below ring any bells with anyone? The application is Vocera
    (VOIP) authenticating using LEAP. Below is a summary.
    ===============================================================================
    The ACS DLL error is a new one, I think it might be the key. Same
    story, it starts and doesn't stop and all the controllers report the
    same error.
    ================================================================================
    Here is the error that is occurring on the Controller.

    Tue Aug 28 14:17:24 2007
    RADIUS server 10.64.2.20:1812 failed to respond to request (ID 125)
    for client 00:09:ef:02:5f:73 / user 'unknown'

    Tue Aug 28 14:17:24 2007
    RADIUS server 10.64.2.20:1812 failed to respond to request (ID 124)
    for client 00:09:ef:02:67:db / user 'unknown'
    =================================================================================

    Here is the error we see in the ACS error logs.

    08/28/2007 14:03:40 Authen failed xxxxxx BHS_WAP 00-09-EF-02-63-5E
    (Default) Radius extension DLL rejected user
    ================================================================================
    Here is an explaination of the error.

    RADIUS Extension DLL Rejected User Error

    Condition

    LEAP authentication fails. The error Radius extension DLL rejected
    user appears in the Failed Attempts log.

    Action

    To verify configured authentication type:

    --------------------------------------------------------------------------------

    Step 1 Verify that the correct authentication type has been set on the
    Access Point. Be certain that, at a minimum, you checked the Network-
    EAP check box.

    Step 2 If you are using an external user database for authentication,
    verify that ACS supports the database. For information on the external
    databases that ACS supports, see User Databases, in the User Guide for
    Cisco Secure Access Control Server.
    =================================================================================

    Does this ring any bells? Are we missing an obvious setting?
     
    talent-keyhole, Aug 28, 2007
    #1
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.