Cisco :: AP1252 - Authenticating Client Computers Onto Wireless Network?
May 22, 2013
I am having problems authenticating client computers onto the wireless network using a Cisco AP1252 via radius
Setup:
I have a Cisco AP1252 wireless Access Point connected to a Cisco ASA5510 on subnet X.X.5.Z The access point ip address is X.X.5.101
The ASA on another port is also connected to the wired network on a different subnet X.X.0.Z
On the wired network are two radius servers - Ubuntus servers running freeradius which are running fine and reliably authenticate wired users for ssh connections to the ASA and importantly to the AP1252 as well (The radius servers ip addresses are X.X.0.191 and X.X.0.192)
Problem:
When a wireless user tries to connect to the wireless network via the AP1252 after being disconnected form it for a while (or after waking from a long sleep) they are never authenticated. They just try over and over and never obtain an IP
Interestingly in such a case neither Ubuntu server shows any sign of receiving an authentication request from the AP - Both ubuntu servers are running in debug mode so they show any activity - there is none
Oddly:
If i try to authenticate a user wirelessly to the AP and leave it in the usual state of trying over and over (with no visible activity on the ubuntu servers) BUT then go to a wired machine and attempt to authenticate an ssh connection to the AP1252 using a terminal command ssh user1@X.X.5.101 THEN as soon as I hit enter on that request (and before I enter a password for the ssh connection) THE WAITING WIRELESS USER IS IMMEDIATELY AUTHENTICATED (and the ubuntu server shows the authentication activity for the wireless user
I really do not understand this and cannot use this method to facilitate wireless user authentication 
What might be causing this behavior - it seems like the AP sleeping and the wired ssh request wakes it up so that it sees the pending wireless user waiting and then acts on that completing the wireless user authentication request.
View 11 Replies
ADVERTISEMENT
Oct 16, 2012
Web clients are receiving login failed messages and VPN clients are getting disconnected by host messages. I am able to ping the server from the ASA5510. Users authenticate in AD. I am not sure if the problem is on the server or the ASA.
View 1 Replies
View Related
Apr 8, 2012
WLC software 7.2.103.0
1. first problem: AP1252 can´t join on WLC. MAC was add on mac filter properly.
170Mon Apr 9 15:37:32 2012Mesh Node '2c:3f:38:be:53:ef' failed to join controller, MAC address not in MAC filter list.171Mon Apr 9 15:37:32 2012AAA Authentication Failure for UserName:2c3f38be53e0 User Type: WLAN USER172Mon Apr 9 15:37:32 2012Coverage hole pre alarm for client[1] 40:a6:d9:ef:87:68 on 802.11b/g interface of AP 2c:3f:38:bf:0c:80 (AP2c3f.38bf.0c80). Hist: 46 7 5 4 2 1 0 0 2 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0173Mon Apr 9 15:37:32 2012Coverage hole pre alarm for client[1] 8c:7b:9d:05:a0:67 on 802.11b/g interface of AP 2c:3f:38:bf:0c:80 (AP2c3f.38bf.0c80). Hist: 50 1 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0174Mon Apr 9 15:37:30
[code]....
Several APs can´t join on WLC and all are added on MAC filter, but they are showing this messages.
2 . Second problem.: Operational Status = UNKNOWN
Some Access Point are in UNKNOWN status. I tried but I can´t do the reboot. I can access Web config the APs using WLC, but when I applied the reset, it wasn´t working properly.
View 2 Replies
View Related
Jan 16, 2012
have Cisco AIR-AP1252-AG-A-K9 Access Point and 5GHZ radios are not working but interface status showing is up and running but signal is very weak I think it's working through only internal antennas when i connect external antenna even the signal is very weak and i am using external antennas air-ant5135dw-r=. What is the exact problem of that 5ghz radios. I have tried through external antenna gain 9,11 and 27, and all i tested but not working.
View 7 Replies
View Related
Jul 12, 2012
I am having connectivity/stability problems with wifi clients, using 14 accesspoints (Cisco AP1252). All wifi clients are impacted, no matter which AP they are associated with.
Symptoms :
------------------
- client associates to a ssid, everything runs fine
- all of a sudden, the client begins having problems contacting certain LAN servers, while others still work.
- after a little while, situation comes back to normal
After hours (and days..) of testing and troubleshooting, I have nailed the problem to be at the AP1252 level. When the client experiences problems, he does not receive Broadcast traffic (thus, he cannot respond to the ARP requests from the server he is trying to contact).
While the client was experiencing the problem, I have configured a port on same switch, to act as a monitor port for the AP he was associated to at the time : it seems to me that the accesspoint DOES receive the broadcasts ARP at all times. Only sometimes it prevents them from reaching the wireless clients.. I did a tcpdump on 2 different clients who were associated to the same accesspoint : both were not getting the broadcasts from the lan.
Tcpdump arp from a wireless client (172.30.2.32) :
View 2 Replies
View Related
Jun 8, 2011
i have problem with my 3 new cisco AP1252AG and Radius server (windows 2000 IAS).On the 3 AP, i have two ssid :,One with Wpa pre-shared key,the other one with EAP/radius,the one with preshared key works well but the other have some trouble, here is the error message ,i have check the shared secret in radius and ap and it's ok.The error appears randomly.
View 1 Replies
View Related
Feb 18, 2013
We have cisco 5508 office extend in dmz running code 7.3.112. 1132 AP seems to register and authenticate fine but OEAP 600 series dont seem to authenticate. they seem to join the controller and download the SSID but just wont authenticate ? not even registering on the AAA server
View 9 Replies
View Related
Aug 5, 2012
I am not able to share files with computers past my Client Bridge. I can see one computer past the bridge in my network and two more can see but all have internet, but still can not access ant to get to their shared folders. Do not know if operating systems would made a difference, I main computer run Windows 7 Pro 64 bit. all the rest run XP Home. Have two computers before the bridge no problem there.
View 2 Replies
View Related
Aug 22, 2011
I have a WAP4410n which I'd like to authenticate users against our corporate active directory. I would like to know how to achieve this - whether we require a dedicated RADIUS server, whether AD has a RADIUS engine which can be used, etc. Also, what would the pros / cons be of this setup versus using a WPA2 password?
View 2 Replies
View Related
Feb 18, 2012
I put a password on my WRT54GC ver 2.0. After that i couldn't access internet. It keeps authenticating and never connects.
View 2 Replies
View Related
Jun 24, 2007
Here at HQ we have a 4402 WLC. At our remote sites we have 1231G APs running in autonomous mode. I upgraded one of the APs -- IOS 12.4(3g)JA -- to run LWAPP. Per release notes I've read upgraded 1231's do not support REAP/HREAP mode, consequently, it's running in LOCAL mode.
The AP is managed by the WLC. I created a WLAN for the remote site and assigned it to the MGMT interface; the remote site subnet doesn't exist in HQ. The DHCP server for the remote site is presently at that site; AP and DHCP server reside at the same place.
Clients authenticate successfully to the remote site AP, however, they are not getting DHCP addresses assigned. Does the DHCP server for the remote site have to reside in HQ since the AP is running in local mode? If so, where is that specified, on the MGMT interface config?
View 4 Replies
View Related
May 27, 2013
i have 2 1260 Access points one is in root mode , one is wgb mode. Authentication is EAPFAST. There are 5 devices connected via WGB bridge to the rest of the network.
- If clients are sending some data , then WGB AP announces this client mac via IAPP to root AP and rest of the network sees them correctly
- If clients are "passive" , then after WBG AP announces them to root AP , they timeout after 6 minutes on root AP and obviously they are not pingable from the rest of the network. The only way to restore connectivity is to ping that device from WGB AP, then WGB AP announces via IAPP to root AP , then and only then they become visible from the rest of the network.
My question is related to this 6 minute timeout on root AP . Is it normal behaviour ?
View 5 Replies
View Related
Jun 16, 2013
Cisco 2504 wlc, 1142n ap, windows radius server.
When I click on Network, the only computer that shows up is mine. If I am hardwired then everything shows up (Servers, other workstations). Is this a problem with the radius server or something on the controller?
View 2 Replies
View Related
Jan 4, 2012
I had to change the power adapter on the D-Link ( DI-624 ) and since then the other computers cannot access the internet connection
View 1 Replies
View Related
Nov 2, 2012
I have a dell desktop running windows vista that connects to my wireless router with a cable. I have an HP laptop that is running windows 7 that is wireless.When I look at network computers on the dell I get an error message that says that the computer is not accessible. The same thing happens when I try to log onto the desktop from the laptop. When I try to run the network wizard from the desktop, I see see connect to the internet, connect to a wireless router or access point, setup a dialup connection and connect to a workplace.None of them make sense but I tried connect to a wireless router and got a message that said to set it up manually or set up a flash drive, neither of which makes sense. I tried set it up manually and all that happened is the router setup screen opened up.I tried the same thing on the laptop and the setup the network wizard opened a screen that said choose a wireless router or access point to configure, but nothing ever showed up on that screen.
View 2 Replies
View Related
Apr 15, 2012
I have set up a wireless network in my home using s d-link N+ 300 DIR-655 and the desktop that is directly connected to the modem and router can connect to the internet and my laptop can access the wireless network and get online but I have another desktop that cannot connect to the wireless network. It can see it but when i try and connect i get the message that it was unable to connect or sometimes that i was able to connect but have limited connectivity.
View 6 Replies
View Related
Jan 18, 2011
I have 2 laptop connect to 1 wireless/modem router. Laptop A using Windows XP SP2 Laptop B using Windows XP SP3
How can i link both laptop to shared folder with one another ?
View 4 Replies
View Related
Jun 13, 2011
I'm having problems with my wireless computers seeing the rest of my network. This is my setup. ATT dsl modem into a 16 port netgear gigabit switch into dlink 615 Some computers are hardwired two are wireless All was working well before d-link with the linksys When im on a wireless computer i cant see the other computers hardwired to the network through the switch. When i take a wireless computer and plug it directly into the switch it see the rest of the computers fine.Something screwy is happening between the switch and the dlink router not allowing me to see my shared folders and printer over wifi.
View 1 Replies
View Related
Jun 19, 2011
I recently decided to buy a DIR-655 router to create a wireless network in my home. I hooked it up last night and speeds look fine with my rr standard 10mpbs service. However, I decided to check the wireless status and my macbook, macbook pro, and my desktop computer are only getting at most 130mbps. Is there anything i can do to maximize this and go beyond 130mbps
View 3 Replies
View Related
Nov 7, 2012
I have two WRT54GL wireless routers. I have a computer and printer in my office connected to one of them. I'd like to add a computer and printer back in the shop to my network without using a wired connection. Can I use the 2nd wirelss router so that all computers and printers are on one network?
View 6 Replies
View Related
Jul 12, 2012
how to Configure ACS 5.x so LMS 4 users can authenticate via TACACS+? I have ACS 5.x setup and authenticating to Active Directory. Have changed the LMS 4.x Authentication Module to TACACS+. Have gotten past the user / password problem by configuring a local user in LMS 4.x. Now, am hitting the Default rule in ACS and Shell Profile is deny access..
View 1 Replies
View Related
Feb 23, 2011
We are starting to roll out a few Win7 devices. Even on our Guest WLAN, they are taking longer to authenticate on the AP1231 than WinXP. The APs are controlled by a WLC, which connects to NAC?
View 3 Replies
View Related
Jul 14, 2011
Our wireless clients that connect through our AP541N cannot see other computers on the network. They can ping other computers by IP and host name and access the internet OK. Mapped network drives can be connected initially but are very unreliable and always end up disconnecting. Restarting the computer does not work. When these computers are wired they see the network as expected. why my wireless network would behave differently then the wired? The wired and wireless networks are on the same VLAN. The wireless clients are all Windows 7 systems.
View 3 Replies
View Related
Apr 2, 2012
the site has a private wireless network for which I pay a yearly access fee. This gives me a code I can use to gain access each time I connect. We used to be able to have all our family's laptops, etc., connected at the same time using this code, but the site has recently changed the configuration so that we can't do this. Is there any way we can share the connection made by one computer so that we can all access the Internet at the same time? The site is in a remote location that gets poor mobile data coverage and landlines are not an option. The yearly fee is already high, so I can't afford to pay for multiple subscriptions.
View 1 Replies
View Related
Dec 30, 2012
I have 3 computers all running Windows 7 64bit. I had to move my desktop computer to a different room with no ethernet connection so I purchased a Linksys AE2500 usb wireless adapter for it. My router/modem is a Actiontec 2000 which came with my internet. When I have my desktop on and connected to the internet it slows down all the computers on the network and it is really slow. My question is do I have something installed wrong? I used the driver for teh adapter from this site and nothing else has changed.
View 2 Replies
View Related
May 1, 2012
I have a E2500 connected to a cable modem as the base of my home network. Hard wire connected to the E2500 is an linksys 8 port hub and a couple of computers. The 8 port hub is connected to a couple of computers and a xbox. I have the hub as a distro point to cut down on wiring. Wirelessly connected to the E2500 are a variety of laptops, netbooks, ipods, an ipad, a playbook, an iphone, a android phone, a wireless printer and a Ps3. Most of the devices are just using the wifi for internet access. Most devices have been setup with their own ip addresses to avoid ip conflicts. The computers and laptops/netbooks are running either Windows XP, Windows 7 or Mepis Linux. Up until now everything was going as good as can be expected, all the computers could see each other and most could transfer files between each other except when Windows gets picky.In the last few days no computers can see each other. Windows or Linux.Everything can accsess the internet and wirelessly print still just can't see each other. I reset the E2500. I updated the firmware on the E2500. I installed the Cisco Connect software (just in case I was too stupid too setup a router). Still nothing. I can ping other machines from a command prompt in windows or a terminal in Linux and get a good ping back. In the router setup via a browser I can go to the status page and see other devices on the local network but most are just ipods, ipad, playbook and the wireless printer, If I go to the administration page / diagnostics I can ping other computers and get a good answer. I just can see them from each other. I think I've rebooted every thing at least once. Yes the workgroup names are all the same (workgroup) and yes file sharing is turned on on all computers.
View 3 Replies
View Related
Jun 2, 2010
I purchased a E3000 Router to replace a dead Dlink about a week ago..I have 4 wired computers on my network. All in the same workgroup. I have 2 computers connected directly to the E3000, and 2 computers connected to a ProCurve managed switch on the other side of the house. I can ping the computers on the switch side of the network but i cannot see those computers in the network section of windows 7. I can also navigate to them via \ computername.
View 7 Replies
View Related
Nov 4, 2011
How can I see network rate of other computers connected to my WRT54GL wireless router?I have admin password and I want to see how much bytes/sec received and sent from all the computers connected to the router.
View 2 Replies
View Related
Feb 3, 2013
Dell inspiron 1525 / Windows XP
Linksys/Cisco Router.
When trying to connect (wireless or wired), I can't get past the authenticating status. Have used this computer with same router for 3 years. If there was ever a problem, I would unplug/replug the router.I am currently connected through my neighbor's unsecured network.
View -1 Replies
View Related
Apr 17, 2012
So if I do a static ip address it works fine, but if I turn off static, the machine authenticates fine, but is not assigned to the access vlan, and it does not get an ip address.now when I use static I notice in the ISE live authentication logs, 11213 No response received from Network Access Device, for the switch even though its configured correctly.
View 5 Replies
View Related
Apr 2, 2013
A customer has RADIUS running on a Win Server 2008 R2 machine, has Autonomous 1140 APs and a mix of Windows 7 and XP Pro clients. Using PEAP as the authentication method the Win 7 clients can access the WLAN, but the Win XP clients cannot. The Win XP clients are at least SP2. I am doing some research before going to site on Friday and wanted to poll the community. I found an older post speaking to a MS Hotfix under KB#885453, but it referes to "third-party RADIUS servers," not MS servers URL.
View 14 Replies
View Related
Sep 4, 2011
I'm Using D-Link DIR 600 wireless router with my desktop CPU (Windows XP Professional SP1) using wired connection and Dell laptop (Windows 7 Ultimate) connected wirelessly. My problem is that I am able to access internet on bothsystems but they cannot see each other in network places. I am unable to sharefiles between the them. I have tried all the procedures mentioned in many forumsbut still not able to find a solution
View 4 Replies
View Related
Jun 6, 2011
I have deployed a Cisco wireless environment at one of our sites. The problem is that we are rolling out new motorola handhelds (MC75) are not authenticating with the ACS. I have copied the same config as it was with the exsisting wireless that was installed. Funny thing is we have another set of motorola handhelds (MC70) all use the same certificates and can authenticate without any issues.When i look at the ACS for logs I get the following error; EAP-TLS or PEAP authentication failed during SSL handshake.
View 6 Replies
View Related
