802.1x with Cisco wireless controller
Mohammad H. Al Shami
mshami at tagorg.com
Tue Apr 21 16:31:17 CEST 2015
Thanks for your suggestion Phil,
That's exactly what I did. I started from a fresh FreeRadius setup and reconfigured the controller from scratch. I back up every working step and when I fix something, I revert to the previous copy and make only the required changes, and back up again. I have an OpenWRT router authenticating against my FreeRadius server with no issues what so ever.
When trying to connect using the Cisco access controller 9 times out of 10 I get a "Can't connect to this network" error. With OpenWRT, it's working 100%.
I tried different configurations on the wireless controller with no luck. I followed the documentation, used the same options as the working SSID which uses the NPS, even tried toggling one option at a time. Both the WLC and the radius server are on the same subnet.
I would really appreciate it if you could share your configuration so I can check.
From: Freeradius-Users [mailto:freeradius-users-bounces+mshami=tagorg.com at lists.freeradius.org] On Behalf Of Phil Mayers
Sent: Tuesday, April 21, 2015 5:17 PM
To: freeradius-users at lists.freeradius.org
Subject: Re: 802.1x with Cisco wireless controller
On 21/04/15 14:46, Mohammad H. Al Shami wrote:
> Thanks Matthew,
> My access controller is running version 126.96.36.199. Can you share your
> configuration files or at least point me to a place where I can look?
> My setup works once then fails for some time, works once then fails
> for even more time. Clients can't join the wireless network so it's
> not an issue if me looking at the log.
You're not being clear here.
We use Cisco WLC. There's no special magic - just set them up according to the docs and they'll do radius auth.
I'm not sure what:
Clients can't join the wireless network so it's not an issue if me looking at the log.
I suggest you blow away your WLC and radius configs and start from scratch. Start simple - put a single controller and radius server on the same subnet, configure basic WPA-Enterprise on the controller, start with the FreeRADIUS default configs and a single test user, work from there. Make small changes at each step, and check the configs into version control after each change is working.
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
More information about the Freeradius-Users