I hope someone can help
What I’m trying to achieve
We currently have a Cisco WLC 2504 controller running our Wi-Fi network. We have been running 2 networks (Guest & Corp) with PSK for all users to type in manually. What I would like to do now is change the Corp Wi-Fi to use the staff’s AD username and password instead of the pre-shared key to connect whatever device they use (Mobile, Tablet, Laptop). We don’t have a certificate infrastructure and we only want to use is their AD user name authentication
What I have done
I’ve installed a NAP server (Windows 2012 r2) and followed the “RADIUS server for 802.1X Wireless or Wired Connections” wizard as recommend and I’ve setup a new SSID on the WLC to use the RADIUS server. This all seems fine and when I run the “test aaa radius” command it comes back with success. All good so far!
Issue I require help with
When I try to connect a client to the Wi-Fi it fails. The logs on the controller says the authentication has failed and I don’t know why.
Below is the two entries that come up on the controller.
I get two failures when I try to connect from a laptop one for the host and one for the user account
AAA Authentication Failure for Client MAC: a8:08:cf:b4:a7:w5 UserName:DOMAIN\USER User Type: WLAN USER Reason: Authentication failed
AAA Authentication Failure for Client MAC: a8:08:cf:b4:a7:dw5 UserName:host/HASTNAME.domain.local User Type: WLAN USER Reason: Authentication failed
If anyone could help or guide me it would be greatly appreciated