Solved

Configuring Wireless AP with SBS 2003 Standard.

Posted on 2007-04-01
6
765 Views
Last Modified: 2008-02-01
I am having trouble configuring a 3Com Wireless access point with SBS 2003 Standard. Network configuration is as follows: A VINA eLink IAD brings in a T1, from there a SonicWALL TZ-170 firewall is configured as the gateway (with NAT and all the other good things) to a 3Com 24 port 10/100/1000 switch. The server is an HP ML110 G2 with 2 gigs of RAM. SP1 has been installed as has all the current updates. It is the DNS, DHCP and WINS server as well as our Exchange box. The wireless AP is a 3Com OfficeConnect 11g. The AP is configured with a static IP from the excluded range (under 192.168.XXX.100) and is using PEAP. The network also has another sever used for a Symantec Anti Virus server and a secondary DNS and WINS server. I have tried several times using the Microsoft TechNet instructions http://www.microsoft.com/technet/solutionaccelerators/smbiz/sitsol/DsgnNwrk_12.mspx?mfr=true but still can get it to work.
What happens is I can see the SSID (set to broadcast for this install) and the laptop tries to connect but can't get an IP. If I configure an IP to the laptop it connects fine. What I want is to have the laptop connect using the "shared secret" and not have to hard set the IP's. I want the server to provide the IP through DHCP. Also I'm assuming that a "shard secret" is the password or key but I know all to well what happens when you "assume" so if someone could clue me in that would be great.
Any help on this would be very appreciated as I know it's just something I'm missing. (Don't you just hate that)
Thanks
0
Comment
Question by:Mainsouth
6 Comments
 
LVL 3

Expert Comment

by:Dinga84
ID: 18834499
If you can at all avoid using wireless i would recomend so, it is unsecure even with security option set, if you are using encryption ensure its PSK, WEP is crackable in a matter of minutes.

On your server run the internet and email wizare from the server management console (start, server management) this should help you out.
0
 

Author Comment

by:Mainsouth
ID: 18838465
Soooooooooooooooo. Is this is like the patient going to the doctor saying "It hurts when I do this" and the doctor telling him "Don't do that"????
I know it can be done and unfortunately so does my boss. So if you could please be a little more descriptive, I'd really appreciate it.
Thanks
0
 
LVL 2

Expert Comment

by:mkurtzhals
ID: 18839664
I would first try different authentication methods to see if they work first.  Then work from there.
0
What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 18848844
While your network setup sounds a bit strange for an SBS deployment (definitely shouldn't need a secondary DNS and WINS server).  

Anyhow... it seems as though you don't have the proper documentation for the Access Point.  You can find that here: http://support.3com.com/infodeli/tools/wireless/accesspoint/3CRGPOE10075/DUAPOE10075BAA01.pdf

If you review this you'll note that the "Shared Secret" is just for authentication between the RADIUS Server and the WAP.  The client authentication is handled by a certificate issued by the RADIUS Server (which the client is able to authenticate against due to domain membership).

So.... here's my guess... Because you said your Excluded Range is the IPs under x.x.x.100, it sounds as though you did not configure your SBS using the wizards.  Not using them, especially the Configure Email and Internet Connection Wizard (CEICW -- which is linked as Connect to the Internet in the Server Management Console > To-Do List) will cause you to have all sorts of problems.  

One thing you did not confirm in your statements above though is that you assigned the WAP the IP address you configured when setting up the IAS as noted in this section of the TechNet guide you are following:

Adding RADIUS Clients to the Internet Authentication Service
You must add wireless APs as RADIUS clients to IAS before they can be configured to connect to the IAS server. Perform the following steps, to add a wireless AP as a RADIUS client, using the Internet Authentication Service (IAS) management console:

1.
 Right-click the RADIUS Clients folder and select New RADIUS Client.
 
2.
 Enter a friendly name and the IP address of the wireless AP. This is the same name and IP address entered for the wireless AP. If you have not set up the wireless AP yet, use these same values when you configure the wireless AP.
 
3.
 Select RADIUS Standard as the client-vendor attribute, and then enter the shared secret for this particular wireless AP. Then select the Request must contain the Message Authenticator attribute checkbox. If you have not set up the wireless AP yet, use the same shared secret when you configure the wireless AP.

 
Jeff
TechSoEasy
0
 
LVL 4

Expert Comment

by:AndrewCink
ID: 18848854
Well, it sounds to me more like a DHCP problem. Can the AP be set to serve DHCP? That might be an acceptable test. Maybe you need to look into setting up DHCP relay on that AP and pointing it to your server? I assume devices on the LAN get addresses just fine from the DHCP server?
0
 
LVL 74

Accepted Solution

by:
Jeffrey Kane - TechSoEasy earned 250 total points
ID: 18927539
In reviewing your initial question and my response, it seems as though I neglected to point out that the documentation you are using is outdated and you really should be following this paper:  http://sbsurl.com/wireless

Jeff
TechSoEasy
0

Featured Post

Superior storage. Superior surveillance.

WD Purple drives are built for 24/7, always-on, high-definition security systems. With support for up to 8 hard drives and 32 cameras, WD Purple drives are optimized for surveillance.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Multi-source agreements are important because they set standards that all manufacturers should follow to ensure that devices are compatible with multiple vendors. The multi-source agreement (MSA) is an agreement that establishes how multiple vendors…
Today sees the launch of a new case study, focusing on BYOD technologies we have been working with for some time now.  But with the advent of 802.11ac wireless technologies and the story behind our landmark developments, we would like to share this …
This Micro Tutorial will show you how to maximize your wireless card to its maximum capability. This will be demonstrated using Intel(R) Centrino(R) Wireless-N 2230 wireless card on Windows 8 operating system.
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…

895 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now