[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

Setting up a Cisco Aironet 1140 AP to use Radius from A windows 2008 SBS.

Posted on 2011-05-09
9
Medium Priority
?
4,628 Views
Last Modified: 2012-05-11
I'm trying to configure a Cisco AIR-AP1142N-A-K9 to authenticate Via Radius from a Windows 2008 SBS.
The Windows server has been setup per the instructions in this article http://www.bunkerhollow.com/blogs/matt/archive/2008/06/04/configuring-server-2008-for-radius-authentication.aspx 
The Clients are unable to connect. I'm not seeing any errors on either the SBS or The AP
0
Comment
Question by:mmack12
  • 5
  • 3
9 Comments
 

Author Comment

by:mmack12
ID: 35724250
This is the Current Settings of the Cisco AP.
CiscoAPset.jpg
0
 
LVL 13

Accepted Solution

by:
connectex earned 2000 total points
ID: 35729871
I use SonicWALL equipment rather then Cisco but most of the setup will be the same. The article you referenced isn't really for wireless it's more for VPNs. So I would recommend you use the wizard per this article: http://technet.microsoft.com/en-us/library/dd183706(WS.10).aspx. It will create the necessary entries in NPS and also add the rule for the Windows firewall. Also look for NPS entries in your application logs. Then application log should have any issues with NPS that aren't logon related. These will be stating it connects to AD, bad RADIUS address, mismatch secuity phase, etc. Also be sure to check the security log for failures. It's possible only the authenication is failing.

-Matt-
0
 

Author Comment

by:mmack12
ID: 35732233
We've now tried removing everything, starting over from scratch. In doing so, we first received the event 18 error "An Access-Request message was received from RADIUS client 10.0.12.29 with a message authenticator attribute that is not valid". Then we realized that was because we fat-fingered the secret key. So we re-entered the key and then received this: Event 4400 "A LDAP connection with domain controller server.domain.local for domain yourdomain is established."

After trying again, we get no errors either on the Cisco AP or the SBS. :(
0
What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

 
LVL 13

Expert Comment

by:connectex
ID: 35732356
This is helpful. We now know your Cisco device is communicating to the RADIUS server. It's not being rejected due to invalid RADIUS client, bad shared secret, or Windows firewall . Next I would recommend creating a new user account just for testing. You can then quickly check the security log on the RADIUS server for success or failed logons.

-Matt-
0
 

Author Comment

by:mmack12
ID: 35732508
We tried to add a new user account. Then searched the security logs after trying to log on with that user. Same issue. No events except the creation of the user in the event log. It looks like it may not even be authenticating. Shouldn't I see a success or failure audit?
0
 
LVL 13

Expert Comment

by:connectex
ID: 35732947
Yes, there should be at least one reference to the username within the security log assuming there was a request submitted via RADIUS. The only other thing is you must have auditing of logons enabled.
0
 

Author Comment

by:mmack12
ID: 35732963
I do have auditing of logons enabled. I've used that while working on another server.

Tomorrow we are going to try to set this up on a fresh virtual server and see if that helps. I'm not sure where else to go from here.
0
 

Author Comment

by:mmack12
ID: 35938653
Due to time constraints on this project we decided to not use Radius integration on the APs at this time
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This is the first one of a series of articles I’ll be writing to address technical issues that are always referred to as network problems. The network boundaries have changed, therefore having an understanding of how each piece in the network  puzzl…
I'm a big fan of Windows' offline folder caching and have used it on my laptops for over a decade.  One thing I don't like about it, however, is how difficult Microsoft has made it for the cache to be moved out of the Windows folder.  Here's how to …
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…

872 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question