802.1x with Cisco wireless controller

Alan DeKok aland at deployingradius.com
Sun Apr 19 20:52:33 CEST 2015

On Apr 19, 2015, at 10:38 AM, Mohammad H. Al Shami <mshami at tagorg.com> wrote:
> I have been asked to integrate our Cisco WLC2504 wireless controller with Active Directory through LDAP. It is currently working well with Microsoft's radius server.

  That's expected.

> For some reason while running radiusd -X, I can see the requests coming from the access controller but nothing happens after a "Sent Access-Challenge" message. But if I wait some time without doing anything, the authentication works.

  Blame the AP and/or the end machine running EAP.  FreeRADIUS is sending a response, and they aren't continuing the EAP conversation.

  I've seen this before.  Honestly, I don't know what causes it.  Try... fail.  Try... fail.  Try... succeed. 

  Does the client have a random number generator which randomly fails authentication?  It's bizarre.

> What is puzzling me is the fact that the connection sometimes works but not always, also, I got a TP-Link running OpenWRT and set up WiFi to work with the same radius setup. It works properly.

  Yeah.  OpenWRT runs hostap for it's WiFi stack.  That code works.  Cisco equipment?  No idea.

> Am I missing anything guys?

  Switch to a different AP.

  Alan DeKok.

More information about the Freeradius-Users mailing list