Cisco Accesspoint - Clients cannot connect

Posted on 2007-08-01
Last Modified: 2013-11-12
i have a cisco aironet 1200 accesspoint configured for TKIP-WPA Enterprise (with IAS Server) and Authentication with Certificates!
The IAS Server is working fine because there's allready configured another accesspoint  (netgear) with the same settings!

I get the clients connected with the cisco ap when i delete the IAS Policy "NAS Port Type matches Wireless - IEEE 802.11 or Wireless - Other"
but i dont wanna delete this option!

The eventlog on the ias server shows:
User was denied access.
 Fully-Qualified-User-Name = domain/user
 NAS-IP-Address = XX.XX.XX.XX
 NAS-Identifier = XXXXXXX
 Called-Station-Identifier = XXXXXXXXXXXX
 Calling-Station-Identifier = XXXXXXXXXXX
 Client-Friendly-Name = XXXXXXX
 Client-IP-Address = XX.XX.XX.XX
 NAS-Port-Type = Virtual
 NAS-Port = 300
 Proxy-Policy-Name = Use Windows authentication for all users
 Authentication-Provider = Windows
 Authentication-Server = <undetermined>
 Policy-Name = Connections to other access servers
 Authentication-Type = EAP
 EAP-Type = <undetermined>
 Reason-Code = 65
 Reason = The connection attempt failed because remote access permission for the user account was denied. To allow remote access, enable remote access permission for the user account, or, if the user account specifies that access is controlled through the matching remote access policy, enable remote access permission for that remote access policy.

I read in another forum that when i add the NAS-Port-Type Virtual it should work...but on my ias server there only exsits the NAS-Port-Type Virtual(VPN)...and if i add this one, it doesn't work , too

One different is that i added the cisco ap as Client-Vendor= Cisco to the Radius Clients on the IAS Server...the netgear ap is configured as Client-Vendor=Radius Standard...but it makes no different if i configure the cisco ap as radius standard!

What is the problem? Cisco configuration(i think so), or the ias server...or maybe the wireless clients?

Question by:merowinger
    LVL 31

    Author Comment

    solved after installing the latest firmware version!

    1. Download latest firmware .tar file from
    2. Installed a TFTP Server on the admin machine (for example kiwi enterprise cat tools)
    3. Made connection to aironet via hypertrm
    4. Executed the following command:
    archive download-sw /force-reload /overwrite tftp://IP ADRESSE from TFTP/current .tar file
    LVL 1

    Accepted Solution

    Closed, 500 points refunded.
    Community Support Moderator

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    How to run any project with ease

    Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
    - Combine task lists, docs, spreadsheets, and chat in one
    - View and edit from mobile/offline
    - Cut down on emails

    Multi-source agreements are important because they set standards that all manufacturers should follow to ensure that devices are compatible with multiple vendors. The multi-source agreement (MSA) is an agreement that establishes how multiple vendors…
    This paper addresses the security of Sennheiser DECT Contact Center and Office (CC&O) headsets. It describes the DECT security chain comprised of “Pairing”, “Per Call Authentication” and “Encryption”, which are all part of the standard DECT protocol.
    This Micro Tutorial will show you how to maximize your wireless card to its maximum capability. This will be demonstrated using Intel(R) Centrino(R) Wireless-N 2230 wireless card on Windows 8 operating system.
    Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…

    737 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    17 Experts available now in Live!

    Get 1:1 Help Now