Cisco Wireless :: 2500 Series Machine Authentication With IAS

Jun 2, 2013

I have the problem with machine authentication, our customer using Wireless Controller 2500 Series and need implement machine authentication on IAS server. So, as my understand is our controller may not change anything with configuration but we may configure IAS for support machine authentication, correct? but my question is how to? and is it work ?

View 24 Replies


ADVERTISEMENT

Cisco :: Does WLC 2500 Series Supports 1262 Series Access Point

Jun 14, 2011

Does AIR-CT2504-25-K9 spupports AIR-LAP1262N-E-K9  Access Point? How can I check this?

View 1 Replies View Related

Cisco Wireless :: MIBs For 2500 Series WLC

Apr 25, 2012

I need the MIBs for Cisco 2500 WLC. I have it for 5508 WLC. Does it works same for 2500 WLC too ?

View 1 Replies View Related

Cisco Wireless :: 2500 Series WLC Crashed Repeatedly

Aug 11, 2012

I have 2500 series wlc which is crashing again and again. I attach the log of crash as well.Also in License location the base-ap-count license " is not in use ".

View 3 Replies View Related

Cisco :: Wireless Controller With Web Authentication 2500

Dec 7, 2012

i am having wirless controller cisco 2500 series. i want to know how many web authentication users i can create in the 2500 series controller with time out option for each users.
 
i know it will support the web authentication for internet access for the users but i need to know how many it will accept at a time with hours specification.

View 4 Replies View Related

Cisco Wireless :: 2500 Series Support Mobility Groups?

Dec 1, 2011

Do you know if the new 2500 series controller supports things like mobility groups? Could I use 2 of these and do inter-controller roaming. Also do you know if this would work with a 2106 controller and a 2505 controller or are they 2 completely independent controllers only knowing about their own APs??

View 12 Replies View Related

Cisco :: Unable To Download 2500 Series Wireless Controllers

Mar 19, 2013

I want to download the Cisco 2500 Series Wireless Controllers Release 7.3 Software AIR-CT2500-K9-7-3-112-0.aes.I have CON-SMB for it, when I try to download it I am not to download it. I have mentioned the message given by Cisco" The category for this contract does not include the feature or the benefit for software download that you are requesting at the moment, this means that even if the contract is a support assistant (8X5XNBD) does not support the the mentioned feature for you to update the device you need, please refer to your partner directly to be able to acquired a Cisco Service Contract that supports and include the software download feature to be able to upgrade and update your device as you need."Is there any seprate contract for downloading the Software.

View 2 Replies View Related

Cisco Wireless :: Does 2500 Series Controllers Support Redundancy

Apr 12, 2012

Does 2500 series wireless controllers support redundancy?

View 1 Replies View Related

Cisco Wireless :: How To Configure WLC 2500 With Authentication 802.1x EAP TTLS

Mar 14, 2013

My client wants to test their new product with wireless authentication 802.1x EAP TTLS. They have CISCO WLC 2504. Does CISCO WLC 2500 support EAP TTLS, if yes then how to configure. So far I have added Radius TTLS server into my WLC.  Under Radius on WLC added radius server IP and key and created new SSID 802.1x WPA+WPA2 ( WPA policy2 and WPA encryption AES) after that under SSID AAAservers selected drop down same server IP. But user tried and didn’t work also we didn’t see any hit on radius server. Yea policy has added on radius. My client wants to use TTLS instead of TLS because in TLS you have to use client certificate on client side but on TTLS you can use certificate on client side but it is optional. So they want to stick with TTLS. But I am not seeing any documentation on TTLS with cisco WLC

View 8 Replies View Related

Cisco Wireless :: WLC 2500 Authentication Using Multiple AS Domains?

Mar 13, 2012

The  users belong to Multiple AD domains. If we purchase WLC 2500 controller. Can I  have one more WLANs authenticate to multiple radius or ad domains? I thought one WLAN/ ssid authenticate to single radius server.

View 4 Replies View Related

Cisco Wireless :: Configure WLC 2500 With Authentication 802.1x EAP TTLS

Mar 14, 2013

My client wants to test their new product with wireless authentication 802.1x EAP TTLS. They have CISCO WLC 2504. Will CISCO WLC 2500 support EAP TTLS, if yes then how to configure.
 
So far I have added Radius TTLS server into my WLC.  Under Radius on WLC added radius server IP and key and created new SSID 802.1x WPA+WPA2 ( WPA policy2 and WPA encryption AES) after that under SSID AAAservers selected drop down same server IP.But user tried and didn’t work also we didn’t see any hit on radius server. Yea policy has added on radius.
 
My client wants to use TTLS instead of TLS because in TLS you have to use client certificate on client side but on TTLS you can use certificate on client side but it is optional. So they want to stick with TTLS. But I am not seeing any documentation on TTLS with cisco WLC?My android phone galaxy II has TTLS option under EAP 802.1x, so android devices support TTLS.

View 1 Replies View Related

Cisco Wireless :: 2500 WLAN Controller Series Compatible With LAP1131AG?

Apr 17, 2012

I have a customer whom has six LAP1131AG-K9 but no controller and they are interested in one of the new 2500 series, specifically a AIR-CT2504-5-K9 with a 5 AP add-on license to bring total AP capacity to 10.  I can't determine clearly if this controller will work for these older AP's prior to them making the jump to 802.11n via the 3500 or 3600 series, looking to the community to confirm.

View 3 Replies View Related

Cisco Wireless :: WLC 2500 Series Setup With Windows Server 2008 R2

May 15, 2011

I am planning to implement wireless network in my work place. Plan is to have two networks one for guests and one for employee. I am trying to find a guide for 2500 WLC but couldn't find one.I've been reading couple of articles about setting up radius server and CA. I want to know what the best way to approach this.In my environment I got a CA server windows server 2003 and current DC's are windows server 2008 R2.I got 2500 WLC with POE switch and 4 aironet AS 1142.

View 16 Replies View Related

Cisco Wireless :: WLC 2500 Series Setup With Windows Server 2008 R2

Jun 27, 2012

I am planning to implement wireless network in my work place. Plan is to have two networks one for guests and one for employee. I am trying to find a guide for 2500 WLC but couldn't find one.
 
I've been reading couple of articles about setting up radius server and CA. I want to know what the best way to approach this.
 
In my environment I got a CA server windows server 2003 and current DC's are windows server 2008 R2.
 
I got 2500 WLC with POE switch and 4 aironet AS 1142.

View 4 Replies View Related

Cisco Wireless :: Training On 2500 Series Controller And 1142 / 1040 AP

Apr 21, 2013

Looking for some training on the 2500 series controller and 1142 or 1040 AP's preferably.

View 10 Replies View Related

Cisco :: Acs 4.2 PEAP Machine Authentication Wireless 4404

Sep 26, 2012

we have acs 4.2 as our radius server, and 2 wlc 4404 with a wism2 for our wireless network. we have 2 SSID network, lets call them SSID A and B. A have a more restricted access to server than B.PEAP machine authentification is authorize on both network, to let our users laptop connect before the user login, this enable us to have our computer gpo deploy before the user logon, or have network access to authenticate a user to our directory if he had not logon previously on the laptop.
 
Users from group A can't logon to SSID B, they can only logon to SSID A, but we have some clever users from group A who have change they wireless setting to only send machine authentification (this can be done in the advance setting of a wireless network in windows 7) to connect to SSID B
 
We can't force the wireless config by GPO because we don't have an ad 2008 domain, we are still in 2003 soo we can't change the gpo for windows 7 wireless setting . I can't force user to require machine authentification and user authentification because we have a lot of ipad and iphone, and other mobile device that connect using only their user credentials.Is there a way I could configure this without having to disable machine authentification for SSID B?

View 7 Replies View Related

Cisco :: WLC 2500 Series / Differences Between 7.0 And 7.2 Firmware?

Mar 28, 2012

which differences exist between 7.0 and 7.2 firmwares? I have to decide/choose which of them to run, before continuing to configure my WLAN infrastructure.

View 3 Replies View Related

Cisco :: WLC 2500 Series URL Filtering And Hotspot?

Oct 2, 2012

I have Cisco Wireless Controller 2500 series (AIR-CT2504) and 10 LAPs implemented in my office building. I need to enforce security policy.
 
I have few questions below regarding the Wireless controller 2500 Series.
 
1)  Can i enforce Internet security policy such that all prohibitive sites remain block from the WLC?
 
2)  Is it possible to allow Internet access to only designated machines/users ?
 
3) Initial logon page for user /machine authentication to get access to wi-fi ?

View 1 Replies View Related

Cisco :: To Configure WLC 2500 With Authentication 802.1x EAP TTLS

Mar 14, 2013

My client wants to test their new product with wireless authentication 802.1x EAP TTLS. They have CISCO WLC 2504. If CISCO WLC 2500 support EAP TTLS, if yes then how to configure.So far I have added Radius TTLS server into my WLC.  Under Radius on WLC added radius server IP and key and created new SSID 802.1x WPA+WPA2 ( WPA policy2 and WPA encryption AES) after that under SSID AAAservers selected drop down same server IP.But user tried and didn’t work also we didn’t see any hit on radius server. Yea policy has added on radius.My client wants to use TTLS instead of TLS because in TLS you have to use client certificate on client side but on TTLS you can use certificate on client side but it is optional. So they want to stick with TTLS. But I am not seeing any documentation on TTLS with cisco WLCMy android phone galaxy II has TTLS option under EAP 802.1x, so android devices support TTLS.

View 2 Replies View Related

Cisco :: WLC 2500 And AP 1041 - To Use HTTP For Web Authentication

Jun 4, 2013

We are using WLC 2500 and AP 1041 with web authentication. Due to we do not have the trusted/public certificate and want to get rid of the certificate warning during the user login. Is this possible to change the web authentication method from HTTPS to HTTP.

View 1 Replies View Related

Cisco :: ACS 5.2 EAP-TLS Machine Authentication

Feb 21, 2012

I have set up an ACS (5.2) to do EAP-TLS Machine and User Authentication.I am getting intermittent results with the machine authentication using the same laptop as a test client.When the machine authentication succeeds the RADIUS name shows as host/xxx-yyy.When the machine authentication fails the RADIUS name shows as xxx-yyy without the host/.

View 9 Replies View Related

Cisco :: PEAP Machine Authentication With ACS 4.2

Jan 23, 2012

I have 802.1x/peap authentication in my wireless network with ACS 4.2 as the authentication server. I enabled PEAP machine authentication under the Unknown user policy --->database configuration sub-menu. I discovered that I was still able to access the wireless network on my android phone with my domain logon. I later discovered that there is an option in Group policy to force Windows XP clients to perform computer authentication. Now the problem is that windows 7 clients do not have the EAPOL option in the registry, hence the group policy object may not work. How to enforce machine authentication and stop unwanted devices without having to purchase a NAC server.

View 10 Replies View Related

Cisco :: Require Machine Authentication With WLC And ACS V4.2?

Oct 30, 2011

I am currently authenticating wireless clients using PEAP User Authentication through a Cisco Wireless LAN Controller and Cisco ACS 4.2, which points to a Microsoft Active Directory external database. This does not keep users from configuring thier personal devices with thier Active Directory login information and connecting to the corporate wireless network. I can setup a client to use a certificate, machine authentication and user authentication, but I havent been able to REQUIRE the certificate and or machine authentication to authenticate to my wireless network.
 
>I now have the Windows External Database Configuration, ACS External Database setup with Enable PEAP Machine Authentication and Enable machine access restrictions. With the client configuration set to use Computer Authentication, it passes the authentication through ACS (and AD), but the client can also be configured for User Authentication and also pass authenticaiton. Is there a way to only require Computer Authentication through a Cisco WLCCisco ACS?

View 7 Replies View Related

Cisco :: ACS 5.1 EAP-PEAP Machine Authentication

Jun 29, 2011

ACS 5.1 EAP-PEAP Machine Authentication,
 
I have configured ACS 5.1 to check AD domain computer accounts then permit access, the next rule authenticates AD domain users and checks machine accounts with WAS MACHINE AUTHENTICATED "TRUE" permit.
 
My dilemma - Windows XP supplicant work fine and I can see the host/machine (Wireless device) authenticating followed by user credentials, but when I use the Intel Pro/set supplicant version 12.1 the same device fails authentication due to ACS not being able to verify a good previous machine authentication?
 
Is this problem ACS related or down to the Intel supplicant.

View 3 Replies View Related

Cisco :: ACS 5.2 Machine Authentication Fails Every 30 Days

Jan 9, 2012

Running ACS5.2, Windows XP Pro, Window Server 2003 and Cisco Anyconnect Client. When the machine name password changes between the PC and the AD server the ACS will error out with "24485 Machine authentication against Active Directory has failed because of wrong password".TAC has been working with us on this and sees the error in the logs but does not have an answer on with to do to solve this. It has the same problem with Wireless Zero. Once the PC is rebooted the error goes away for 30 days. We are in a hospital setting so this is a not just a minor problem

View 16 Replies View Related

Cisco :: WLC5508 Machine Authentication For ACS5.1

Apr 21, 2010

I met a problem with machine authentication. Following is the conditions:

1. WLC5508, version 6.0.196
2. ACS 5.1.0.44
3. WIN AD
4. PEAP-MSCHAPv2+machine authentication

the machine auth failed, I checked the log, it says Machine not found in AD:11001  Received RADIUS Access-Request

View 22 Replies View Related

Cisco AAA/Identity/Nac :: 3600 - EAP-TLS Machine Authentication ACS 5.2?

Mar 26, 2012

we have a customer with a wifi deployment aruba 3600 controller based. Corporate SSID authentication is EAP-TLS double machine and user authentication through ACS 4.2 against AD and Microsoft AC PKI infraestructure based; it was working ok. After migrating from ACS 4.2 to 5.2, both authentication (machine and user) are reported as succeed by ACS but aruba controller does not recognize machine authentication. It seems that controller sees two authentication users and not an machine followed by and user one. We have revised configuration in detail and it seems correct. We begin thinking it could be a bug .

View 2 Replies View Related

Cisco AAA/Identity/Nac :: ACS SE 4.2 / 802.1x Certificates For Machine Authentication

Apr 25, 2010

A PC with a machine cert gets connected to a switch running 802.1x. The switch uses EAP with .1x to query PC, handing this off to ACS, that bit I'm ok with. The ACS needs to query the CA server to authenticate the PC, its this process I'm not sure about.
 
Reading the documentation I think that I need to configure LDAP between the ACS and the CA, which is running on 64-bit 2008 server. But, ACS SE remote agent is 32 bit only.
 
Is this correct, if so how do I get ACS SE to communicate with a 64-bit 2008 CA server?

View 8 Replies View Related

Cisco AAA/Identity/Nac :: ACS 5.1 802.1x EAP-TLS Machine Certificate Authentication

Jul 11, 2011

Looking for the steps to configure wired clients using certificate authentication only

- i.e., once a certificate is presented to the ACS that is issued by a trusted CA, the connection is permitted. 
 
No need to tell me about switch configuration.

View 3 Replies View Related

Cisco AAA/Identity/Nac :: ACS 5.2 PEAP With Machine Authentication

Sep 11, 2011

Any good guide for configuring PEAP with Machine Authentication to allow for domain login?This is a clean install on a new 5.2 install.We are moving from 4.X to 5.2 and i want to make sure i dont miss anything.

View 3 Replies View Related

AAA/Identity/Nac :: ACS 5.2 Machine Authentication And AD User?

Sep 1, 2011

I am trying to setup up a rule to allow wireless access only to users in my AD when they use computers from my AD.I have Machine authentication working on it's own (computer boots up and connects to wireless - confrimed by ACS logs) I have User authentication working But when I try to creat the floowing rule:it does not work.
 
Access Policy
Access Service:
Default Network Access Identity Store:
AD1
Authorization Profiles:
DenyAccess
Exception Authorization Profiles:
Active Directory Domain:

[code]....
 
Everything seem to fine until it gets to the last rule.

View 1 Replies View Related

AAA/Identity/Nac :: ACS 5.2 Machine Certificate Authentication

May 23, 2011

Is there a way to authenticate a windows computer in ACS 5.2 for 802.1x only with a certificate.The Computer is from a different active directory than the one that is configured in ACS.I tried importing the cert into "external indentity Stores" > "certificate authorities", then setup the computer to use smart card or certificate, then selected the certificate from the other AD.when i look at the ACS log, here is the message i can see: 22044 Identity policy result is configured for certificate based authentication methods but received password based

View 1 Replies View Related

Cisco AAA/Identity/Nac :: ISE 1.1.3.124 / Machine And User Authentication / MAR / Timeout?

Apr 12, 2013

I am using ISE 1.1.3.124.My first question:I want to know the relation between the attribute "WasMachineAuthenticated" and the MAR (MAchine access restriction in advanced setting for AD).Is-it the same  or not ?Once you time out, you need to do machine auth again. What is the timer ?Using the attribute "WasMachineAuthenticated", is-it the same timer that you configure in MAR ? In a distributed environnement, is the information about machine previously authenticated  replicated to all policy node ?Because, if a swicth has 2 radius-server, we are not sure that it will point everytime to the same server.

View 1 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved