Announcement

Collapse
No announcement yet.

Config...of cisco secure ACS radius server, AP1200 series

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Config...of cisco secure ACS radius server, AP1200 series

    ERROR message : Authentication failed-invalid credential and unknown user from cisco secure database.
    --------------------------------------------------------------------------------


    In win2003 server i installed cisco secure ACS radius server. and i created some users in the cisco secure acs data base.

    AAA-client: cisco AP1200 series.

    data encryption: TKIP
    keymenagement :WPA
    authen.... : open with eap and network eap

    user device (laptop):
    wpa
    tkip
    eap type: LEAP
    username and passed...



    i created user name and password in cisco secure database .even though i am getting authentication is failed. where i did misconfiguration ?

    with open authentication it worked. but with open authentication with EAP...i am not able to access net.

    i read lot of documents related to secure acs and AP 1200 series with WPA keymenagement.but i didn't find proper solution.

    Any help on this is greatly appreciated.Thanks

    tx
    ankit

  • #2
    You need an AirMagnet

    Try checking out AirMagnet since it appears you are in a commericial environment you could probably get budget for it. If you are not, check out kismet for linux or netstumbler for windoze. You need some visibility in what is happening on your wlan. Without it you cannot determine where the problem is.

    Comment


    • #3
      Originally posted by ankarao11
      ERROR message : Authentication failed-invalid credential and unknown user from cisco secure database.
      --------------------------------------------------------------------------------
      I'm not sure what's going on (unless the username/password doesn't match, but I'll assume you've thought of that one), but here are a couple of Cisco pages on configuring LEAP and WPA that might be helpful:

      LEAP with WEP
      WPA Configuration

      The second page has some good debug commands you could use.

      Airmagnet, Kismet, and Netstumbler are pretty much irrelevant, since you're trying to debug encrypted authentication traffic.

      Comment


      • #4
        hai,

        thanks for ur information. i configured ap1200 and secure ACS according those two links.

        even though i am getting same error.....i.e ... authentication failed and unknown user from secure database...

        could u plz help me more in this task .

        thanks

        ankarao







        Originally posted by Zhym
        I'm not sure what's going on (unless the username/password doesn't match, but I'll assume you've thought of that one), but here are a couple of Cisco pages on configuring LEAP and WPA that might be helpful:

        LEAP with WEP
        WPA Configuration

        The second page has some good debug commands you could use.

        Airmagnet, Kismet, and Netstumbler are pretty much irrelevant, since you're trying to debug encrypted authentication traffic.

        Comment


        • #5
          hai,

          thanks for ur imformation.....i am testing this problem from windows xp laptop..and i need to test it only xp operating system according my work..

          do u have more usaful information regarding this task please....

          thanks

          ankarao










          Originally posted by Hiro_Protagonis
          Try checking out AirMagnet since it appears you are in a commericial environment you could probably get budget for it. If you are not, check out kismet for linux or netstumbler for windoze. You need some visibility in what is happening on your wlan. Without it you cannot determine where the problem is.

          Comment


          • #6
            Originally posted by ankarao11
            even though i am getting same error.....i.e ... authentication failed and unknown user from secure database...
            Is your ACS server set up to allow authentication from that device?

            Is your ACS server properly entered in the AP's config?

            If both of the above are true, are the credentials you're trying to use valid?

            Does your wireless card work with LEAP? Some older 802.11 cards won't.

            Comment


            • #7
              Sometimes it's the simple things

              Do you have Server Certificates configured on your server? If you are using SP2 on XP this is known to be a problem. On your client you will need to go to the authentication tab go to the eap properties and either uncheck the Validate server certificate check box or adjust the settings accoridingly.

              gg

              Comment

              Working...
              X