Solved

Configuring Wireless AP with SBS 2003 Standard.

Posted on 2007-04-01
6
761 Views
Last Modified: 2008-02-01
I am having trouble configuring a 3Com Wireless access point with SBS 2003 Standard. Network configuration is as follows: A VINA eLink IAD brings in a T1, from there a SonicWALL TZ-170 firewall is configured as the gateway (with NAT and all the other good things) to a 3Com 24 port 10/100/1000 switch. The server is an HP ML110 G2 with 2 gigs of RAM. SP1 has been installed as has all the current updates. It is the DNS, DHCP and WINS server as well as our Exchange box. The wireless AP is a 3Com OfficeConnect 11g. The AP is configured with a static IP from the excluded range (under 192.168.XXX.100) and is using PEAP. The network also has another sever used for a Symantec Anti Virus server and a secondary DNS and WINS server. I have tried several times using the Microsoft TechNet instructions http://www.microsoft.com/technet/solutionaccelerators/smbiz/sitsol/DsgnNwrk_12.mspx?mfr=true but still can get it to work.
What happens is I can see the SSID (set to broadcast for this install) and the laptop tries to connect but can't get an IP. If I configure an IP to the laptop it connects fine. What I want is to have the laptop connect using the "shared secret" and not have to hard set the IP's. I want the server to provide the IP through DHCP. Also I'm assuming that a "shard secret" is the password or key but I know all to well what happens when you "assume" so if someone could clue me in that would be great.
Any help on this would be very appreciated as I know it's just something I'm missing. (Don't you just hate that)
Thanks
0
Comment
Question by:Mainsouth
6 Comments
 
LVL 3

Expert Comment

by:Dinga84
ID: 18834499
If you can at all avoid using wireless i would recomend so, it is unsecure even with security option set, if you are using encryption ensure its PSK, WEP is crackable in a matter of minutes.

On your server run the internet and email wizare from the server management console (start, server management) this should help you out.
0
 

Author Comment

by:Mainsouth
ID: 18838465
Soooooooooooooooo. Is this is like the patient going to the doctor saying "It hurts when I do this" and the doctor telling him "Don't do that"????
I know it can be done and unfortunately so does my boss. So if you could please be a little more descriptive, I'd really appreciate it.
Thanks
0
 
LVL 2

Expert Comment

by:mkurtzhals
ID: 18839664
I would first try different authentication methods to see if they work first.  Then work from there.
0
How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 18848844
While your network setup sounds a bit strange for an SBS deployment (definitely shouldn't need a secondary DNS and WINS server).  

Anyhow... it seems as though you don't have the proper documentation for the Access Point.  You can find that here: http://support.3com.com/infodeli/tools/wireless/accesspoint/3CRGPOE10075/DUAPOE10075BAA01.pdf

If you review this you'll note that the "Shared Secret" is just for authentication between the RADIUS Server and the WAP.  The client authentication is handled by a certificate issued by the RADIUS Server (which the client is able to authenticate against due to domain membership).

So.... here's my guess... Because you said your Excluded Range is the IPs under x.x.x.100, it sounds as though you did not configure your SBS using the wizards.  Not using them, especially the Configure Email and Internet Connection Wizard (CEICW -- which is linked as Connect to the Internet in the Server Management Console > To-Do List) will cause you to have all sorts of problems.  

One thing you did not confirm in your statements above though is that you assigned the WAP the IP address you configured when setting up the IAS as noted in this section of the TechNet guide you are following:

Adding RADIUS Clients to the Internet Authentication Service
You must add wireless APs as RADIUS clients to IAS before they can be configured to connect to the IAS server. Perform the following steps, to add a wireless AP as a RADIUS client, using the Internet Authentication Service (IAS) management console:

1.
 Right-click the RADIUS Clients folder and select New RADIUS Client.
 
2.
 Enter a friendly name and the IP address of the wireless AP. This is the same name and IP address entered for the wireless AP. If you have not set up the wireless AP yet, use these same values when you configure the wireless AP.
 
3.
 Select RADIUS Standard as the client-vendor attribute, and then enter the shared secret for this particular wireless AP. Then select the Request must contain the Message Authenticator attribute checkbox. If you have not set up the wireless AP yet, use the same shared secret when you configure the wireless AP.

 
Jeff
TechSoEasy
0
 
LVL 4

Expert Comment

by:AndrewCink
ID: 18848854
Well, it sounds to me more like a DHCP problem. Can the AP be set to serve DHCP? That might be an acceptable test. Maybe you need to look into setting up DHCP relay on that AP and pointing it to your server? I assume devices on the LAN get addresses just fine from the DHCP server?
0
 
LVL 74

Accepted Solution

by:
Jeffrey Kane - TechSoEasy earned 250 total points
ID: 18927539
In reviewing your initial question and my response, it seems as though I neglected to point out that the documentation you are using is outdated and you really should be following this paper:  http://sbsurl.com/wireless

Jeff
TechSoEasy
0

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

Because virtualization becomes more and more common, and, with Microsoft Hyper-V included in Windows Server at no additional costs, and, most server hardware nowadays is more than capable of running a physical Small Business Server (SBS) 2008 or 201…
In this article we have discussed about the OS X EI Capitan and how to fix Wi-Fi issue in OS X El Capitan. We have explained how to delete system level preferences and create a new Wi-Fi location to resolve Wi-Fi issue.
This Micro Tutorial will show you how to maximize your wireless card to its maximum capability. This will be demonstrated using Intel(R) Centrino(R) Wireless-N 2230 wireless card on Windows 8 operating system.
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…

744 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now