802.1x with Cisco wireless controller

[Mohammad H. Al Shami]

Thanks a million for your reply.

But I can't help but be surprised that the access controller is working well with the MS radius server. Since it doesn't, shouldn't it also work with FreeRadius?

-----Original Message-----
From: Freeradius-Users [mailto:freeradius-users-bounces+mshami=tagorg.com at lists.freeradius.org] On Behalf Of Alan DeKok
Sent: Sunday, April 19, 2015 9:53 PM
To: FreeRadius users mailing list
Subject: Re: 802.1x with Cisco wireless controller

On Apr 19, 2015, at 10:38 AM, Mohammad H. Al Shami <mshami at tagorg.com> wrote:
> I have been asked to integrate our Cisco WLC2504 wireless controller with Active Directory through LDAP. It is currently working well with Microsoft's radius server.

  That's expected.

> For some reason while running radiusd -X, I can see the requests coming from the access controller but nothing happens after a "Sent Access-Challenge" message. But if I wait some time without doing anything, the authentication works.

  Blame the AP and/or the end machine running EAP.  FreeRADIUS is sending a response, and they aren't continuing the EAP conversation.

  I've seen this before.  Honestly, I don't know what causes it.  Try... fail.  Try... fail.  Try... succeed. 

  Does the client have a random number generator which randomly fails authentication?  It's bizarre.

> What is puzzling me is the fact that the connection sometimes works but not always, also, I got a TP-Link running OpenWRT and set up WiFi to work with the same radius setup. It works properly.

  Yeah.  OpenWRT runs hostap for it's WiFi stack.  That code works.  Cisco equipment?  No idea.

> Am I missing anything guys?

  Switch to a different AP.

  Alan DeKok.


-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html