802.1x/PEAP over Ethernet

I am trying to set up 802.1x PEAP in my home lab. I have:
a windows 2003 enterprise server with SP2 and latest patches running as
Active Directory, DHCP, DNS, WINS. The AD domain name is LAB.
The windows 2003 is also running Cisco ACS 4.0.1 with a self-signed
certificate. I can log into the box https://PEAP8021x:2002 so the cert
works. I also configure the ACS so that it can also use AD accounts for
authentication
Cisco Catalyst 2960 running IOS version flash:c2960-lanbase-mz.122-25.SEE2.bin.
This version supports 802.1x
A couple of WindowsXP with Service Pack 2 and latest patches that will act as
clients for the domain LAB.
Everything is connected to the Catalyst switch 2960 via CAT-5 cables.
I would like to accomplish something very simple. Before user(s) on
WinXP can even access the domain LAB, the winXP machine must be
authenticated with Cisco ACS with username/password on the AD Server
so that the machine can be placed in the correct VLAN(s). If this is just
a visitor and their machine is plugged into my network, authentication will
fail and they will be put in a guest VLAN where the only connection they have
will be access to the Internet and that will be it. All the information will be pushed
out to the catalyst from the Cisco ACS
Can someone help me out on how to get this done? Thanks.

Hi,
You would need to do the following:
- Machine authentication with user authentication (This part is tricky on WinXP, you may get intermittent results)
Something to help you:
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\EAPOL\Parameters\General\Global]
"SupplicantMode"=dword:00000003
"AuthMode"=dword:00000001
- Machine Access Restriction (MAR) (it's on ACS)
- guest vlan or auth-fail-vlan
Wired 802.1x:
http://www.cisco.com/en/US/products/sw/secursw/ps2086/products_configuration_example09186a00805e7a18.shtml
Configuring IEEE 802.1x Port-Based Authentication:
http://www.cisco.com/univercd/cc/td/doc/product/lan/cat2950/12122ea7/scg/sw8021x.htm
Regards,
Prem
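Added example, not part of the original posts or of Cisco's documentation: a small Python check that reads a Catalyst configuration and reports which of the switch-side pieces named in the reply are missing. The sample configuration, VLAN numbers, RADIUS address and key are constructed placeholders; `aaa authorization network default group radius` is checked on the assumption that ACS is to assign VLANs, as the question describes.

```python
import re

# Constructed sample config (not from the thread): VLAN numbers, the RADIUS
# address and the key are placeholders.
SAMPLE_CONFIG = """\
aaa new-model
aaa authentication dot1x default group radius
radius-server host 192.0.2.10 auth-port 1812 acct-port 1813 key EXAMPLE-KEY
!
interface FastEthernet0/1
 description XP client
 switchport mode access
 dot1x port-control auto
 dot1x guest-vlan 99
!
interface FastEthernet0/2
 description printer, no 802.1X
 switchport mode access
!
interface GigabitEthernet0/1
 switchport mode trunk
"""

# Global commands the switch needs, with the consequence of leaving each out.
REQUIRED_GLOBAL = {
    "aaa new-model": "AAA is not enabled",
    "aaa authentication dot1x default group radius": "no 802.1X method list",
    "aaa authorization network default group radius":
        "needed for RADIUS-assigned VLANs",
    "dot1x system-auth-control": "802.1X is not enabled globally",
}


def split_config(text):
    """Return (global_lines, {interface_name: [sub-commands]})."""
    global_lines, ports, current = [], {}, None
    for raw in text.splitlines():
        line = raw.rstrip()
        if not line or line.strip() == "!":
            continue
        if line.startswith("interface "):
            current = line.split(None, 1)[1]
            ports[current] = []
        elif line.startswith(" ") and current:
            ports[current].append(line.strip())
        else:
            current = None
            global_lines.append(line)
    return global_lines, ports


def audit(text):
    """Return (scope, finding) tuples for an 802.1X access-switch config."""
    global_lines, ports = split_config(text)
    findings = [("global", f"missing '{cmd}': {why}")
                for cmd, why in REQUIRED_GLOBAL.items()
                if cmd not in global_lines]
    if not any(l.startswith("radius-server host ") for l in global_lines):
        findings.append(("global", "no RADIUS server defined"))
    for name, cmds in ports.items():
        if "switchport mode access" not in cmds:
            continue  # trunks and routed ports are out of scope here
        if "dot1x port-control auto" not in cmds:
            findings.append((name, "access port is not 802.1X controlled"))
            continue
        if not any(re.fullmatch(r"dot1x guest-vlan \d+", c) for c in cmds):
            findings.append((name, "no guest VLAN for hosts without a supplicant"))
        if not any(re.fullmatch(r"dot1x auth-fail vlan \d+", c) for c in cmds):
            findings.append((name, "no auth-fail VLAN for hosts that fail authentication"))
    return findings


if __name__ == "__main__":
    for scope, finding in audit(SAMPLE_CONFIG):
        print(f"{scope}: {finding}")
```

A guest VLAN catches hosts that never answer EAPOL, while the auth-fail VLAN catches hosts whose supplicant answers but is rejected, so a visitor laptop that runs a supplicant needs the latter.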

Similar Messages

  • 802.1x EAP-PEAP over Ethernet need help !!!

    I am trying to get wired 802.1x EAP-PEAP to work and after spending about 8 hours
    troubleshooting this, I am not sure what else to do.  Need help.  Here
    is the scenario:
    - Cisco Catalyst 3350 switch running IOS version c3550-ipservicesk9-mz.122-44.SE6.bin,
    - Steelbelted/Juniper Radius Server version 6.1.6 on a windows 2003 server
    with IP address of 129.174.2.7.  This device is connected to the same switch above.
    Firewall is OFF on the server, allow ALL,
    - Windows 2003 Enterprise Server supplicant with the latest Service pack and patches.  Again,
    Firewall is OFF on the server, allow ALL.  Juniper has verified the configuration settings
    on the Supplicant machine.  The supplicant has a static IP address of 129.174.2.15, same subnet
    as the radius server, I just want to enable EAP-PEAP so that user is forced to authenticate before
    the port is activated to be "hot".
    - Juniper TAC has verified the configuration on the Steelbelted radius for eap-peap
    and that everything is looking fine,
    I have verified that the switch can communicate fine with the radius server.
    - Configuration on the switch for 802.1x:
    aaa new-model
    aaa authentication dot1x default group radius
    radius-server host 129.174.2.7 auth-port 1812 acct-port 1813 key 123456
    interface FastEthernet0/39
      description windows 2003 Supplicant
      switchport access vlan 401
      switchport mode access
      dot1x port-control auto
      no spanning-tree portfast
      ! (does not matter if this is enabled or disabled)
    lab-sw-1#
    .May 20 07:52:47.334: dot1x-packet:Received an EAP request packet from EAP for mac 0000.0000.0000
    .May 20 07:52:47.338: dot1x-packet:dot1x_mgr_send_eapol :EAP code: 0x1  id: 0x2  length: 0x0005 type: 0x1  data:
    .May 20 07:52:47.338: EAPOL pak dump Tx
    .May 20 07:52:47.338: EAPOL Version: 0x2  type: 0x0  length: 0x0005
    .May 20 07:52:47.338: EAP code: 0x1  id: 0x2  length: 0x0005 type: 0x1
    .May 20 07:52:47.338: dot1x-packet:dot1x_txReq: EAPOL packet sent out for the default authenticator
    lab-sw-1#
    lab-sw-1#sh dot1x interface f0/39
    Dot1x Info for FastEthernet0/39
    PAE                       = AUTHENTICATOR
    PortControl               = AUTO
    ControlDirection          = Both
    HostMode                  = SINGLE_HOST
    Violation Mode            = PROTECT
    ReAuthentication          = Disabled
    QuietPeriod               = 60
    ServerTimeout             = 30
    SuppTimeout               = 30
    ReAuthPeriod              = 3600 (Locally configured)
    ReAuthMax                 = 2
    MaxReq                    = 2
    TxPeriod                  = 30
    RateLimitPeriod           = 0
    lab-sw-1#
    I am at a complete loss here.  don't know what else to do.  Someone with expertise in this realm please
    help me how to make this work.
    Many thanks in advance,

    #1:  dot1x system-auth-control is already in the switch configuration
    #2:  Not sure if you're already aware, the minute I entered "dot1x port-control auto", the command "dot1x pae authenticator" automatically appears on the interface configuration
    The case is being worked on by Cisco TAC.  One of the issues is the windows 2003 server supplicant refuses to work.  Windows XP supplicant uses machine-authentication instead of user-authentication.  Cisco TAC is looking into this issue.
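
Added example, not part of the original thread: a Python decoder for the EAPOL/EAP header fields that the `EAPOL pak dump Tx` lines print, plus a helper that lists Requests that no Response has echoed. `SWITCH_TX` is rebuilt from the field values in the debug output; the reply frame and its identity string are constructed.

```python
import struct

EAPOL_TYPES = {0: "EAP-Packet", 1: "EAPOL-Start", 2: "EAPOL-Logoff", 3: "EAPOL-Key"}
EAP_CODES = {1: "Request", 2: "Response", 3: "Success", 4: "Failure"}
EAP_TYPES = {1: "Identity", 2: "Notification", 3: "Nak", 4: "MD5-Challenge",
             13: "EAP-TLS", 25: "PEAP"}


def parse_eapol(pdu: bytes) -> dict:
    """Decode one EAPOL PDU (the bytes that follow EtherType 0x888E)."""
    if len(pdu) < 4:
        raise ValueError("truncated EAPOL header")
    version, ptype, body_len = struct.unpack("!BBH", pdu[:4])
    body = pdu[4:4 + body_len]
    if len(body) < body_len:
        raise ValueError("EAPOL body shorter than its length field")
    out = {"eapol_version": version,
           "eapol_type": EAPOL_TYPES.get(ptype, f"unknown({ptype})")}
    if ptype != 0:            # Start/Logoff/Key carry no EAP packet
        return out
    if body_len < 4:
        raise ValueError("truncated EAP header")
    code, ident, eap_len = struct.unpack("!BBH", body[:4])
    if not 4 <= eap_len <= body_len:
        raise ValueError("EAP length field inconsistent with EAPOL length")
    out.update(eap_code=EAP_CODES.get(code, f"unknown({code})"), eap_id=ident)
    if code in (1, 2):        # only Request/Response carry a type octet
        if eap_len < 5:
            raise ValueError("Request/Response without a type octet")
        out["eap_type"] = EAP_TYPES.get(body[4], f"unknown({body[4]})")
        out["eap_data"] = body[5:eap_len]
    return out


def unanswered_requests(pdus):
    """Return the ids of EAP Requests that no later Response echoes."""
    pending = []
    for pdu in pdus:
        p = parse_eapol(pdu)
        if p.get("eap_code") == "Request":
            if p["eap_id"] not in pending:   # retransmissions reuse the id
                pending.append(p["eap_id"])
        elif p.get("eap_code") == "Response" and p["eap_id"] in pending:
            pending.remove(p["eap_id"])
    return pending


# Rebuilt from the debug lines: EAPOL version 0x2, type 0x0, length 0x0005;
# EAP code 0x1, id 0x2, length 0x0005, type 0x1.
SWITCH_TX = bytes.fromhex("020000050102000501")

# Constructed reply from a participating supplicant (identity value is made up).
IDENTITY = b"LAB\\user1"
SUPPLICANT_REPLY = (struct.pack("!BBH", 1, 0, 5 + len(IDENTITY))
                    + struct.pack("!BBHB", 2, 2, 5 + len(IDENTITY), 1)
                    + IDENTITY)

if __name__ == "__main__":
    print(parse_eapol(SWITCH_TX))
    print("Tx only     ->", unanswered_requests([SWITCH_TX]))
    print("with reply  ->", unanswered_requests([SWITCH_TX, SUPPLICANT_REPLY]))
```

Decoded, the dump is an EAP-Request/Identity sent by the switch; a capture on the supplicant's port that never shows a Response with the same id means the client side is not taking part in the exchange.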

  • Aironet 1100 / 802.3af Power Over Ethernet (POE) Support

    I was under the impression that the Aironet 1100 supports 802.3af POE. I purchased a NetGear FS108P POE switch, however, when I plug in the 1100, it does not receive any power.
    I have seen references in the documentation to a Cisco inline power injector and a Cisco Catalyst switch that can provide POE to the 1100 and maybe they will work, however, will the 1100 only work with those devices?? If so, it would seem that the 1100 really doesn't support the 802.3af standard and that Cisco's implementation of POE is proprietary.
    Any input would be appreciated.
    Thanks,
    Michael

    Hi Michael,
    As you have discovered (unfortunately), the 1100 only supports Cisco Pre-standard PoE :( Have a look;
    Single 802.11g radio offering 54 Mbps of capacity
    2.4 GHz integrated diversity dipole antennas
    Available in an autonomous version only
    16 MB of memory with 8 MB of storage
    Operating temperature range of 32 to 104°F (0 to 40°C)
    **Inline power support (Cisco pre-standard)**
    From this doc;
    http://www.cisco.com/en/US/products/hw/wireless/ps4570/prod_brochure0900aecd8035a015.html
    The good news is that either of the options you listed will work just fine. I would go for the power injector probably just for neatness sake.
    POWERING OPTIONS
    The Cisco Aironet 1100 Series can be powered either locally using the AC-DC power adapter, or over the Ethernet cable when coupled with a device capable of delivering in-line power, such as an in-line power-capable Cisco Catalyst® switch, Catalyst in-line power patch panel, or Cisco Aironet Power Injector.
    The AC-DC power adapter is included with the access point and can also be ordered as a spare part. The Cisco Aironet Power Injector can either be configured to the order or can be ordered separately.
    You can use either;
    AIR-PWR-A= Cisco Aironet Power Supply-Input 110-240VAC, Output 48VDC, 380 mA-for 1100 and 1200 Series
    AIR-PWRINJ3= Cisco Aironet Power Injector for the 1100 and 1200 Series Access Points
    From this doc;
    http://www.cisco.com/en/US/products/hw/wireless/ps4570/products_data_sheet0900aecd8045690f.html
    Hope this helps! And good luck!
    Rob
    Please remember to rate helpful posts.....

  • How connect to 802.1x (PEAP) ethernet with Airport Express

    Can't figure out how to connect the Airport Express to an ethernet configured with 802.1x (PEAP).
    It is no problem to connect directly to the ethernet with my iMac, something I do with "Internet connect" (but then I can't share my connection with any laptops etc.)
    Can anyone explain how I can solve this problem? Would expect it's possible through the "Airport-admin"-utility?
    Thanks.

    Yes but that doesn't help, the Apple TV still has to connect to the Internet in order to set the time for the time zone. It can't do that as it isn't connected due to invalid certificates, due to the wrong time!
    This is a plea to Apple. Now you have updated Apple Configurator to put Apple TV on enterprise networks please can you allow us to set the time manually so we may join them!

  • 802.1x over ethernet and airport impossible together ??

    I am connected to my University network (and to the internet) through a 802.1x network (Through Ethernet, not Airport).
    I have an iPod Touch with which I want to connect to the Internet.
    I went under Sharing, and created a Wireless network sharing the Ethernet internet. I was able to connect my Mac WITHOUT 802.1x to the internet for some time (authorised for a short time by the university) and was able to access the Wifi network and the internet with the iPod Touch.
    However, as soon as I connect to the 802.1x network, Airport dismisses its network, it just disappears ...
    Why does it do that, can I prevent it and if not, is there any alternative for my problem ?

    Yeah, I was just going on/hoping for... the 802.1x likeness.
    Have you repaired Permissions lately?
    Might try trashing these files & reboot...
    /Users/nnnn/Library/Preferences/com.apple.internetconnect.plist
    /Library/Preferences/SystemConfiguration/preferences.plist
    /Library/Preferences/SystemConfiguration/com.apple.airport.preferences.plist
    /Library/Preferences/com.apple.sharing.firewall.plist
    ... of course you don't have to trash them, you can just move them to the desktop to drag back if it doesn't work.

  • Problem using Express over Ethernet via Solwise Gigabit Homeplug

    I am hoping someone can help me here.
    Similar problem with Tandie (http://discussions.apple.com/thread.jspa?messageID=12175903&#12175903). I have a Vista PC which has no problem at all to connect to my Express over ethernet. I use my Express to "Create new wireless" network and stream my itunes over ethernet, which works well if I have a cable connected to the Express to my network where my Vista PC is connected.
    However, when I take my Express to another room and connect it to a Solwise Gigabit Homeplug and my other homeplug connects to my network I then seem to have problems. The homeplug works perfectly with my PS3, but my Express after about 2 hours itunes and Airport Utility is unable to find it. I can however ping the Express, but that is it.
    Here's how I configured the AX:
    Wireless Mode = Create a wireless network
    Wireless Network Name = unique name different to my Wireless BT Hub
    Radio Mode = 802.11n (802.11b/g compatible)
    Channel = Automatic
    Click the Internet icon
    Connect Using = Ethernet
    Connection Sharing = Share a public IP address
    AX Firmware ver: 7.4.2

    Welcome to the discussions, Charles266!
    However, when I take my Express to another room and connect it to a Solwise Gigabit Homeplug and my other homeplug connects to my network I then seem to have problems.
    Connection Sharing = Share a public IP address
    This would be the correct setting if your AirPort Express is connected directly to a simple modem (a simple modem has only 1 ethernet port)
    If you have the Express connected back to another router (it will have 3-4 ethernet ports), then the correct setting for Connection Sharing would be "Off (Bridge Mode)"
    I can't say if this will solve your problem. If you continue to have issues, then test using an ethernet cable from the Express back to your main router. If this works well, then one or both of the powerline products is suspect.

  • Airtunes over Ethernet?

    I have an Extreme wireless network and a new Express with 802.11n. They're connected to each other via Ethernet to create a roaming network, which means the Express is operating in bridge mode. Everything works. I can stream Airtunes beautifully over the wireless network.
    I also have an older iMac without an Airport card. It's connected to network's wired LAN and it works fine on the network. Is it possible to use it as a music server over the wired LAN? iTunes Preferences > Devices is set to look for Airtunes connected speaker.
    Everything is on the same subnet.
    I have read of a setting in my Express to allow Airtunes over Ethernet but the selection isn't there in Airport Utility.
    So, is AoE possible?

    Apparently AoE is enabled by default. Airtunes works fine over the wired LAN.
    Airtunes without the Air. Hmm...

  • Pppoe over ethernet

    Hi all.
    Is PPPoE over Ethernet supported on 7206VXR NPE-G1 gigabit/fastethernet interfaces with 802.1q encapsulation?
    Thanks in advance.

    Hello Peter,
    I know that it is supported on 10 and 100 MB interfaces, not sure about the Gigabit. Check this document for details:
    PPPoE Over IEEE 802.1Q VLANs
    http://www.cisco.com/en/US/products/sw/iosswrel/ps1834/products_feature_guide09186a0080080386.html
    HTH,
    GP

  • How to print on HP LaserJet 2200 over Ethernet?

    Hi,
    I did an upgrade to Snow Leopard and would like to print on a HP LaserJet 2200 over Ethernet. OS X and the HP printer drivers are up to date now.
    The printer has been cold reset and on the configuration print out there's the IP address 0.0.0.0
    Now my question is how to get this printer to work with Snow Leopard over Ethernet? I did not find a tutorial how to assign an IP address to the printer first so I got stuck.
    Could you give me a hint where I should start with the configuration first?

    OK, now the printer works
    I reset the router and checked if DHCP is running.
    I reset the printer (hold down the GO button, turn the printer on and continue to hold the GO button for five to ten seconds).
    Checked at router that the printer is visible as network device.
    At the router I assigned a fixed IP address to the printer.
    At OS X System Preferences > Printer I added a new printer with "HP Jetdirect - Socket", the fixed IP address and the correct printer driver "HP LaserJet 2200".
    Now the printer has been recognized well by the system (Tray 3, Duplex and printer RAM) and printing works.
    THANKS.

  • How do I set up multiple Airport Expresses to connect over ethernet for Airtunes only?

    I am trying to set up an Airtunes network using an Airport Extreme and three Airport Expresses connected together via ethernet (CAT5 cable). At each Airport Express there will be a speaker setup. I don't need/want internet connectivity on the network, but not sure if it is required for setup or not. I have made this work over wifi, using the Expresses to extend the network, but struggling to get this to work over ethernet.
    I would be very grateful for a step-by-step method for setting this up! I am also looking to set up 6 airport expresses to do the same thing in another location.
    Thanks in advance!

    Thanks for the info.
    I assume that the AirPort Extreme is setup and working at this point.
    Work with one AirPort Express at a time to get them all configured, and then you can locate them where they will be needed.
    AirPort Setup will configure the Express devices to "extend a wireless network" using Ethernet, so they will be broadcasting the same wireless signal as the AirPort Extreme and provide more wireless signal coverage as well.
    I have yet to meet the first person who thought that they had too much wireless coverage, but you would have the option to turn off the wireless on the Express if you wanted. Most users like having extended wireless for their devices.
    Temporarily, move an Express close to the AirPort Extreme
    Connect a spare Ethernet cable from one of the LAN <-> ports on the Extreme to the WAN "O" port on the Express
    Power up the Express for a few minutes
    Hold in the reset button on the back of the Express for 10 seconds and release. Allow a full minute for the Express to restart to a slow, blinking amber light.
    Click the Airport icon at the top of the Mac's screen and wait a few seconds for AirPort Express to appear just under the listing of New AirPort Base Station
    Click directly on the AirPort Express
    AirPort Setup will open up automatically and take a minute to analyze the network, then announce that the Express will be configured to extend the AirPort Extreme network.
    Enter a device name that you want to use....example.....Express1.....and click Next
    AirPort Setup will configure everything for you. Notice that the message will say that the Express is being set up to extend using Ethernet. When you see the message of setup complete, click Done.
    Now you can move the Express to the remote location where it is needed, hook it up to the Ethernet connection there, power up the Express and set up AirTunes on the device.
    AirTunes is enabled by default, so other than make the speaker connection, you won't have much to do on that.
    Set up other Express devices the same way, except assign a different name to each device....example....Express2, Express3, etc.....to keep things organized.

  • Mapping to disk on Airport Extreme's USB port from G5 over Ethernet

    I just set up my Airport Extreme network, with multiple machines (Windows XP, Vista, Mac G5, iPad and iPod Touch) sharing the internet connection via both Ethernet and WiFi without any problem.
    My XP and Vista machines are connected via WiFi, and I was asked to supply the shared disk's password, and once I provided it, I was able to see the drive attached to the USB port on the Extreme.
    My Mac G5 is connected to the Airport via Ethernet. It never asked me for the shared disk's password, and I could not see the drive in Finder.
    Any suggestion on how to map to the shared drive over Ethernet will be greatly appreciated. Thanks! /Kenny

    Any suggestion on how to map to the shared drive over Ethernet will be greatly appreciated.
    It really shouldn't make any difference whether the G5 is connected by Ethernet or wireless, the AirPort Disk should be "visible" in the Finder sidebar.
    If not already, be sure that you have either or both "Connected servers" & "Bonjour computers" enabled in Finder Preferences > Sidebar.

  • BUG: Mail (GMAIL IMAP) no longer connects over ethernet, only wireless

    I too was puzzled last night when I couldn't get my gmail account to go online. I did a lot of reading, and tried various things (to no avail), but ultimately decided it was just a configuration error, or combination of other programs running...or maybe even (as read in other posts) Google's servers. I found the server problem unlikely though, since I could also log in via the web interface.
    Mysteriously, opening Mail on a separate MBP over either ethernet or wireless was 100% normal...as was the imap connection on my iPad via 3G or wireless...so what was causing my brand new MBAir to choke? Sleep on it, I said to myself.
    Well here I am on day 2 of Mail refusing to connect. Connection doctor always shows 'green' next to connection status (Mail was able to connect to the internet), but red for both imap and smtp servers, with messages reading "Mail could not connect to this IMAP/SMTP server. Check your network connection and that you entered the correct information in Account preferences. Also verify the server supports SSL. If it does not, deselect the 'Use SSL' checkbox in the Advanced tab of Account preferences."
    I've eliminated the server issue, because my MBP still opened Mail just fine while connected to my network here at home.
    Then, just for fun, I decided to unplug my ethernet (which is attached via Apple's own USB Ethernet adapter), and turn on my wireless. Almost instantly, Mail popped to life on my MBAir, and started syncing with gmail/IMAP.
    In the two months I have owned this MBAir, getting Mail to work over ethernet had never been a problem. My issues seemed to parallel the recent influx of problems reported with gmail & IMAP.
    I still cannot get Mail to access gmail over the USB Ethernet Adapter. What gives, Apple? Anyone else experiencing these symptoms on these new MBAirs?
    Model Name: MacBook Air
    Boot ROM Version: MBA31.0061.B01
    SMC Version (system): 1.66f54

    Turns out I was a victim of my own [tight] security. I had a SOCKS proxy enabled on my Ethernet for when I take this laptop on the road...I used it to connect securely to my server back home. Obviously at home my SOCKS proxy was not connecting from within my private network. As soon as I removed the SOCKS proxy, voilà! GMAIL IMAP works perfectly over the USB Ethernet adapter once again.
    I hope this serves as a reminder to thoroughly check your network settings before driving yourself mad!
    Cheers!

  • Choosing the Right Network Protocol for CRIO 9024 to PXI over Ethernet

    We are in the design phase of setting up a CRIO 9024 Embedded Controller to send data captured to a PXIe-8105 Controller over ethernet. The data will be 2D arrays of double precision. This data will need to be sent to the pxi at the end of each test step. Each step will have different number of channels and sample rates.
    For example,  Test Step 1 will have 5 channels of Analog inputs that will be sampled at 100,000 KHz for 1 second. This data will be coming from the CRIO FPGA. The data will get post processed by the CRIO 9024 and analyzed for pass or fail metrics. Then, the CRIO controller will send the 2D Array of Data (500,000 data points 5 X 100,000) and the results of all the metrics (a 1D array) to the PXI.
    The connection to the PXI will be using Ethernet.
    Keep in mind that the PXI will also have to send the CRIO some values to tell the CRIO when to start the test and when the test sequence is complete.
    I was thinking TCP/IP would work best because of the 2 way communication needed. But then I was looking at Network Streaming or even using Shared Variables.
    If anyone has any ideas or suggestions please please post them.
    Spark
    CLAD
    Test Engineer

    Hi,
    You could use either.  Whichever you are more comfortable with really.  The STM method will have slightly less overhead over my XML style of tagging the data but it will be very little given the data size.  Probably go with STM as it just has most of the work done for you.
    In terms of data size the way you should normally transfer data like this is to flatten to string.  If you convert to a string of human readable numbers you will either lose precision, increase size or both.  Given that, the string after being flattened will be the same size as the original array anyway so quick calculation based on your previous post 500,000 doubles (8 bytes) is 4 miB (3.8MB)
    Cheers, 
    James Mc
    ========
    CLA and cRIO Fanatic
    wiresmithtech.com/blog

  • HT3231 Is it better to migrate to a new MacBook Pro using FireWire, from Time Machine, or over ethernet?

    Hello,
    Is it better to migrate to a new MacBook Pro (non Retina display) using FireWire, from Time Machine, or over ethernet? The older Mac is a MacBook (Intel, 2007 vintage). The Time Machine backup is to a Western Digital external drive with FireWire & USB ports.
    Thanks!
    Chips

    Thanks for the helpful reply.
    After posting, I read & researched further. We're going to be limited by the hardware – the MacBook & external drive both have FireWire 400, & we don't have a 400 to 800 cable or adapter. So we'll connect by ethernet, & be patient that it may take some time.
    I have to assume that Migration Assistant will be just as comprehensive regardless of the connection method / protocol.
    Best!

  • ITunes 7.1 doesn't recognize Airport Express over ethernet

    Running iTunes 7.1 on Windows XP desktop. Immediately after update, iTunes no longer can see my Airport Express as a remote speaker (Airtunes over Ethernet).
    Airport Express has the latest updates. Airport Utility has no trouble recognizing it by name. It doesn't have a password on it. The Airport is happily providing wireless for my laptop. It is my only WiFi base station, because I have a small place. It's been dependable for over a year.
    I'm truly bummed, because earlier today I got a Griffin AirClick USB, and it works like a charm. I was looking forward to using it with full-screen coverflow in 7.1.
    iBook G4 and assorted Win & Linux boxes   Mac OS X (10.4.8)   iTunes is on an XP PC

    The problem turns out to be an incompatibility with Bonjour for Windows. A post by "f00fighter" over in the "iTunes for Windows Upgrade Issues" forum solved it. I quote him below:
    ******Quote***********
    Looks like this issue is due to an incompatibility between Bonjour for Windows and iTunes 7.1.0.59 for Windows (thanks toonz!)
    To work around the issue you can stop the Bonjour Service by going to Start \ Control Panel \ Administrative Tools \ Services, then highlight the Bonjour Service and stop it. You might also want to set the Startup status of the Bonjour Service to Manual (or Disabled) to prevent the service from starting automatically the next time you restart your PC.
    Note - this is only a temporary fix, and turns off the Bonjour service...so don't do this if you have other applications that rely on the Bonjour Service. A fix from Apple is needed to truly "fix" this issue.
    *****End Quote**********
    iBook G4 and assorted boxen Mac OS X (10.4.8) iTunes is on an XP PC
