Windows 2k8 Radius Server with Cisco Wireless Controllers
We currently are using a Cisco 4400 wireless controller with an older Cisco Secure ACS appliance that is going EOL. My hope was to just connect our 4400 Wireless Controller to a Windows Server 2008 Radius Server (Just using Microsoft's Network Policy Server) but have not had any luck in getting this to work. Does anyone have an easy to follow set of instructions on configuration of Microsoft Windows Server 2008 NPS for use with Cisco Wireless Controllers? Any advise would be greatly appreciated.
Thank You,
Jim
Hi NPT,
Here is the post which may help you!!
https://supportforums.cisco.com/message/3073519
Regards
Surendra
Similar Messages
-
Configuring Radius server with Cisco MDS - 9606 switch
Need help in configuring Radius server with cisco MDS - 9606
please let me know if any document availablertt min/avg/max/mdev = 0.260/0.327/0.468/0.077 ms
IFCBCCEMCSW2# sh version
Cisco Storage Area Networking Operating System (SAN-OS) Software
TAC support: http://www.cisco.com/tac
Copyright (c) 2002-2008, Cisco Systems, Inc. All rights reserved.
The copyrights to certain works contained herein are owned by
other third parties and are used and distributed under license.
Some parts of this software may be covered under the GNU Public
License or the GNU Lesser General Public License. A copy of
each such license is available at
http://www.gnu.org/licenses/gpl.html and
http://www.gnu.org/licenses/lgpl.html
Software
BIOS: version 1.1.0
loader: version 1.2(2)
kickstart: version 3.3(1c)
system: version 3.3(1c)
BIOS compile time: 10/24/03
kickstart image file is: bootflash:/m9500-sf1ek9-kickstart-mz.3.3.1c.bin
kickstart compile time: 5/23/2008 19:00:00 [06/19/2008 23:56:56]
system image file is: bootflash:/m9500-sf1ek9-mz.3.3.1c.bin
system compile time: 5/23/2008 19:00:00 [06/20/2008 00:26:51]
Hardware
cisco MDS 9506 ("Supervisor/Fabric-1")
Intel(R) Pentium(R) III CPU with 1028596 kB of memory.
Processor Board ID JAB094300ER
bootflash: 250368 kB
slot0: 0 kB -
Window 8 WiFi problem with Cisco wireless network
Anyone encounter a Windows 8 WiFi authentication problem with Cisco wireless network?
We are using WLC 5508, 7.2.111, and AP 3602i with WPA2.
Sent from Cisco Technical Support iPad AppThis problem occurred with Soney, and Dell models. Lenovo with Windows 8 factory installed is working fine.
Won't make any difference as these laptop's wireless NIC cards are different.
Can you try with OPEN authentication. If the Sony and/or Dell laptop works, then you start cranking up the security and/or encryption settings until you break them.
I'm with Scott here: It's got to be a wireless NIC card driver.
As what George has stated, post the debug of the failed attempts. -
Sending XML file from SAP to Windows Based file server with FTP function
Hi Gurus,
We are using SAP BW 3.0B version.
I need to convert data in ODS to XML format and send this XML file to remote server which is not a SAP application server, it is just a Window Based file server with FTP function..
By writing some ABAP code I have converted ODS data into XML format (which gets saved in my local system)
(Is that I need to put this file in Application Server to send it to the other servers? )
Now the thing is how I can send this file to that Windows Based file server.
plz suggest me.... what can be done......
Thanks in Advance
Madhusudhan
Edited by: Madhusudhan Raju on Dec 3, 2009 4:25 AMI dont think the above code support windows OS. Because I always execute this script via UNIX.
I think you can try this option, go to command prompt, goto the destination path where you have an XML file using cd....
ftp (destination servername), specify the username and password.
afterthat, use the command put and filename.
check whether the file had reached destination successfully or not.
For automation purpose, you can use the following script like
ftp: -s: test.txt (servername)
In test.txt,
UserName
Password
bin
cd /files
put file.xml
bye
Also, you can check in SM69, there will be some SAP external commands to automate the file transfer.
Thanks
Sat
http://support.microsoft.com/?kbid=96269 -
Server 2008 R2 RADIUS Server with a Cisco Aironet 1040 Wireless AP
I am trying to get Server 2008 R2 RADIUS Server to work with a Cisco Aironet 1040 Wireless AP. I have installed the RADIUS server by MS standards and performed some searches on Google to configure the Cisco Aironet. I see others using a Wireless LAN Controller, which I do not have. I found this post below:
https://supportforums.cisco.com/discussion/11546056/wlc-2504-radius-2008-r2-server
But I have yet to locate a good step by step document on how to set it up and I have found so many different ways that others have set it up, but none have yet to work. I am having authentication issues that I have know of and I do not see any errors in the Windows Event Viewer and I do not know where the Acess Point stores it logs for any sort of error. Keep in mind this is the first time I am doing this. I do not have a Wireless LAN Controller and all my network / domain services are on individually built servers and not on one single server as I have seen with most of the documentation they all say the same thing by putting the Certificate Services, Domain Services (AD / ADS, etc), and NPS. I do not want that configuration and my setup should not be any different, but something is not right. I know from reading that this is not rocket science, but from someone who has never done it before this is difficult as I keep reading on and so many people do it different ways including what I have been reading according to what Cisco says to configure in the environment. Does anyone know where I can find good step by step documentation along with where I can look for logs on either device? I find that all the documentation I see on Cisco's website and from searching that it is old and outdated and not been updated in a long time so it is hard to determine what works and what does not work. I am stumped here and have been doing this for several weeks now with no luck. Thank you in advance.I did configure the Server 2008 R2 RADIUS Server using this video below:
https://www.youtube.com/watch?v=g-0MM_tK-Tk
I also referenced Technet to make sure it was configured correctly as well. I am still not sure if I am 100% setup correctly on the Windows Server side, but I for sure want to make sure I have the AP side setup correctly. Do you know of a better article for the Windows Server 2008 R2 setup? Does it matter that I do not have all the services installed on the same server? Instead I have them installed on multiple servers.
I have image number c1140-k9w7-tar.124.25d.JA1 on the AP. The part that confused me in that article, which I have seen before was the part about "Setting up access point must be configured in the authentication server as an AAA client." What is the AAA Client? I also am not aware of having Cisco Secure ACS anywhere built into the AP as that part through me off completely. Do I need to skip these steps? Thank you for help on this. -
Radius Server with Active Directory
I have an XSERVE with 10.6.7. It is an OD Master that is also bound to Active Directory.
I am trying to set up the RADIUS service to provide authentication to users on the wireless network.
So far, I have been able to set it up to the point where the wireless access point is attempting to authenticate to the server. The client is asked for user ID and password. I will even see the self-signed certificate on the client. However, I am never able to connect to the wireless system.
I tried using an Air Port Express with all the automatic settings from the server, and got the same results.
I tried authenticating with a local OD test user, and that did not work, either.
When I tried it on my network at home (no Active Directory), the RADIUS server worked exactly as expected.
Is there some other setting that must be modified to make this work with AD?Here are some links:
http://www.cisco.com/en/US/products/ps6366/products_configuration_example09186a00807917aa.shtml
http://www.cisco.com/en/US/products/ps6366/products_configuration_example09186a0080921f67.shtml
http://www.cisco.com/en/US/tech/tk722/tk809/technologies_configuration_example09186a0080665d18.shtml -
Mac mini not keeping connection with Cisco wireless access point
I am trying to get my wife's Mac Mini to keep it's connection with the wireless network at her school. They are using a Cisco access point (not sure of the model) which works fine with my G4 Powerbook and the numerous Macbooks being used there, but for some reason her Mac Mini drops the connection after 4 or 5 minutes, at which point she needs to log right off for it to reconnect (as opposed to just turning the card off and on again). I have already gone through the deletion of the Networkinterfaces.plist file, and recreation of the Airport card profile process, but this only kept the interface active for about 36 hours, then it was back to the same old problem. At this point I am thinking "flakey card"...before I ship it off to Apple, can anyone offer any other possible solutions?
After spending time on the phone with a Apple support technician, he indicated that the Iphone has a compatibility problem with the wep key encryption that the Cisco appliance uses. I find this disturbing being that Cisco is the biggest in network gear. What's UP Apple? We need SP1 for the IPHONE!!!
-
Linux ntp server with cisco 3850
hi all
i'm trying to make sync with linux ntp with cisco 3850 here is the what i did
linux centos 6.5 (on the ucs virtual machin) . this is a ntp server
ip 10.1.1.251
===================================================
For more information about this file, see the man pages
# ntp.conf(5), ntp_acc(5), ntp_auth(5), ntp_clock(5), ntp_misc(5), ntp_mon(5).
driftfile /var/lib/ntp/drift
# Permit time synchronization with our time source, but do not
# permit the source to query or modify the service on this system.
restrict default kod nomodify notrap nopeer noquery
restrict -6 default kod nomodify notrap nopeer noquery
# Permit all access over the loopback interface. This could
# be tightened as well, but to do so would effect some of
# the administrative functions.
restrict 127.0.0.1
restrict -6 ::1
# Hosts on local network are less restricted.
restrict 10.1.1.0 mask 255.255.255.0 nomodify notrap
# Use public servers from the pool.ntp.org project.
# Please consider joining the pool (http://www.pool.ntp.org/join.html)
#server 1.centos.pool.ntp.org iburs
#server 2.centos.pool.ntp.org iburst
#server 3.centos.pool.ntp.org iburst
server 127.127.1.0
fudge 127.127.1.0 stratum 2
#broadcast 192.168.1.255 autokey # broadcast server
#broadcastclient # broadcast client
#broadcast 224.0.1.1 autokey # multicast server
#multicastclient 224.0.1.1 # multicast client
#manycastserver 239.255.254.254 # manycast server
#manycastclient 239.255.254.254 autokey # manycast client
# Enable public key cryptography.
#crypto
includefile /etc/ntp/crypto/pw
# Key file containing the keys and key identifiers used when operating
# with symmetric key cryptography.
keys /etc/ntp/keys
# Specify the key identifiers which are trusted.
#trustedkey 4 8 42
# Specify the key identifier to use with the ntpdc utility.
#requestkey 8
# Specify the key identifier to use with the ntpq utility.
#controlkey 8
# Enable writing of statistics records.
#statistics clockstats cryptostats loopstats peerstats
and cisco 3850 configured this one
ntp server 10.1.1.241
and
show ntp status
clock is unsynchronized, stratum 16, reference is null
why...didn't work.. somebody help me..Is there a typo in your post or configuration? You show the NTP server IP address as 10.1.1.251, but the router configured to use 10.1.1.241.
Regards -
Locked files using a Windows 2003 File Server with Mac 10.6 clients running CS5
We migrated 40 Mac users from OS X 10.5/CS3 to OS X 10.6/CS5 back in November. Our InDesign files are kept on a Windows 2003 file server.
We have had fairly constant complaints of InDesign and Photoshop files being reported as locked when users try to save their work back to the server. This did not occur as frequently with CS3.
Has anyone else had this issue?I'd suggest starting with iFelix's Sharing files between a Windows XP PC and a Mac running OS 10.4.x
-
For Times New Roman font in Windows server 2012 R2 (Standard), crystal 9/10 report in pdf format is not getting generated. When we change the font for specific report like Arial, Calibri , Cambria then pdf report getting created.
In Windows 2008 R2, same application worked fine to generate pdf report for TimesNewRoman font and there is no change done in the application which is being used in Windows 2012 R2 server.Ok, thanks for the reply. You need to contact support or a forum for the Crystal software. Third party products don't usually include Adobe technology, they have their own software. When you contact them, you may want to expand "unable to generate" to give any specific symptoms including any error messages.
-
Getting Starting With Cisco Wireless LAN Solution
Can someone send me a link that will help me understand Cisco Wireless solution. I'm looking to install mybe the Aironet 1200 or 1300 wireless LAN. I need some good documentation so that I will fully understand the technology.
Thanks,This should get you going.
http://www.cisco.com/en/US/products/sw/cscowork/ps3915/index.html
http://www.cisco.com/en/US/products/ps6379/index.html
http://www.cisco.com/en/US/products/ps6305/index.html
http://www.cisco.com/en/US/products/ps6386/index.html
Hope these help.
please remember to rate all replies -
WLC RADIUS attribute with Cisco ISE
Hi All,
Does anyone get the same result as me when integrating Cisco ISE with Wireless LAN Controller ?
My Authentication Policy :
Name: IsGuestAuthen
IF "WLC_Authentication" THEN "Default Network Access" > "Internal Users"
My Authorization Policy :
Name: IsGuestAuthen
IF "Guest" THEN "InternetOnly"
When I monitoring on the Live Authentication page, I can see only the MAC address and a guest account that authenticated. I cannot see the IP address of the guest client. Do you get the same result as me ?
Please advise on how to get the IP address of the guest client to show on the Live Authentication Page.
Thanks,
Pongsatorn ManeesudExactly...here is the list of attributes sent in the access-request from the wlc -
http://www.cisco.com/en/US/docs/wireless/controller/7.2/configuration/guide/cg_security_sol.html#wp1992129
The framed ip address is sent in the accounting packet which doesnt appear in the live authentication report.
If you are up to speed on rest api's here is some reference material on this:
http://www.cisco.com/en/US/docs/security/ise/1.1/api_ref_guide/ise_api_ref_ch2.html#wp1089826
You can also run radius accounting report and filter it based off of account-start packets which will have the username and the ip address along with the mac address.
Thanks,
Tarik Admani
*Please rate helpful posts* -
How to connect to Windows 2008 VPN server with certificate support
Unfortunatelly if I select any Windows 2008 server compatible protocol (PPTP, L2TP) I cannot select PKI certificate, its only available for Cisco VPN. Yet my company has 1000 laptops and utilizing Windows 2008 Server for VPN (Cisco is too expensive and unnecessary because VPN is part of Windows Server). PKI certificate is required for connection security.
Any plans to enable certificates for PPTP or L2TP in 2.1 firmware? Even better would be to add SSTP protocol with certificate support, because it takes only one standard TCP connection (https) per user (uses least possible NAT resources for heavy loaded NATed WiFi spots). Also in some public places https is the only option to connect as PPTP and L2TP are filtered.Hi Shahzad,
>>how to connect sql server 2008 r2 sp2 with visual studio 2013 ultimate?
Based on your issue, if you wan to connect the sql server 2008 r2 sp2 from VS2013 IDE. I suggest you can try the Ammar and darnold924's suggestion to check your issue.
In addition, I suggest you can also refer the following steps to connect the sql server 2008 r2 sp2 with visual studio 2013 ultimate.
Step1: I suggest you can go to VIEW->SQL Server Object Explorer->Right click SQL Server->Add SQL Server.
Step2: After you connect the SQL Server 2008 r2 sp2 fine, I suggest you can go to VIEW->Server Explorer-> right click the Data Connection->Add Connection.
And then you can create the connect string in the Add Connection dialog box.
Hope it help you!
We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
Click
HERE to participate the survey. -
Integrating AAA Radius-server with Micro-soft IAS for SSH
Hi,
I am configuring aaa-server on ASA-5505(Radius) and i am Using microsoft IAS for authentication for SSH connections on ASA, so during " test aaa-server authentication " i getting this message
ERROR: Authentication Server not responding: AAA decode failure.. server secret mismatch
All users are there on active directory And below are the debug radius and debug aaa authentication.
ASA# test aaa-server authentication SSH-TULIP-ASA host 172.16.1.10 usern$
INFO: Attempting Authentication test to IP address <172.16.1.10> (timeout: 12 seconds)
radius mkreq: 0xd4
alloc_rip 0xd83bb99c
new request 0xd4 --> 124 (0xd83bb99c)
got user 'praveeny'
got password
add_req 0xd83bb99c session 0xd4 id 124
RADIUS_REQUEST
radius.c: rad_mkpkt
RADIUS packet decode (authentication request)
Raw packet data (length = 66).....
01 7c 00 42 37 a4 0d c2 d3 10 09 0e 2f 3c c5 1a | .|.B7......./<..
4b 28 41 e6 01 0a 70 72 61 76 65 65 6e 79 02 12 | K(A...praveeny..
a1 8f e1 ae 58 dd c2 52 d6 37 f7 32 13 3a 1c 71 | ....X..R.7.2.:.q
04 06 ac 1e 1e 06 05 06 00 00 00 0e 3d 06 00 00 | ............=...
00 05 | ..
Parsed packet data.....
Radius: Code = 1 (0x01)
Radius: Identifier = 124 (0x7C)
Radius: Length = 66 (0x0042)
Radius: Vector: 37A40DC2D310090E2F3CC51A4B2841E6
Radius: Type = 1 (0x01) User-Name
Radius: Length = 10 (0x0A)
Radius: Value (String) =
70 72 61 76 65 65 6e 79 | praveeny
Radius: Type = 2 (0x02) User-Password
Radius: Length = 18 (0x12)
Radius: Value (String) =
a1 8f ERROR: Authentication Server not responding: AAA decode failure.. server secret mismatch
Tulip-ASA# e1 ae 58 dd c2 52 d6 37 f7 32 13 3a 1c 71 | ....X..R.7.2.:.q
Radius: Type = 4 (0x04) NAS-IP-Address
Radius: Length = 6 (0x06)
Radius: Value (IP Address) = 172.30.30.6 (0xAC1E1E06)
Radius: Type = 5 (0x05) NAS-Port
Radius: Length = 6 (0x06)
Radius: Value (Hex) = 0xE
Radius: Type = 61 (0x3D) NAS-Port-Type
Radius: Length = 6 (0x06)
Radius: Value (Hex) = 0x5
send pkt 172.16.1.10/1645
rip 0xd83bb99c state 7 id 124
rad_vrfy() : bad req auth
rad_procpkt: radvrfy fail
RADIUS_DELETE
remove_req 0xd83bb99c session 0xd4 id 124
free_rip 0xd83bb99c
radius: send queue empty
Thanks in advance all comments and suggestion are welcome
Regards,
PraveenHi,
RADIUS as a protocol does not support command accounting, ie., logging of commands that a users enters once authenticated to a router/switch. You will need to use TACACS+ for this purpose. The aaa command accounting commands that you used has been removed from IOS since 12.2T. Please take a look at this for details: http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails&bugId=CSCdp57020.
Thanks,
Wen -
Using MS Radius Server with WLC
I'm currenlty running WLC version 4.1.171. For authentication I'm using Microsoft IAS. I was able to get this to work by using Web Authentication but I want to use 802.1x w/ PEAP. I've been researching this and most of the documents talk about ACS. I did find one document on how to make this work, however I still have not been able to get authenicated. I'm hoping someone has some documentation on how to configure IAS on MS WIN Ser 2003. Thanks in advance.
Here is the document I've been using: http://wireless.dweezle.org/Docs/PEAP/Step-by-Step%20Guide%20for%20Setting%20Up%20Secure%20Wireless%20Access.pptHi,
can You send me some information about configuring WEB-AUTH with IAS ?
I cannot figure how to comfigure user / ias in my server .
I've done EAPTLS with the same IAS, but now i was trying to do simple user/pass authentication, if it's possible.
Many thanks
Luigi
Maybe you are looking for
-
Disk Utility is not working for me.
I have had a nightmare trying to install a Boot Camp partition on my brand new 27" iMac with 3TB Fusion Drive and running 10.8.4. When trying to use Boot Camp Assistant, it would start the partition, then not finish. I quit BCA, tried repairing both
-
Nullpointer exception in SAP code (RFC model related)
Hi, Some threads have already been opened on this issue, but none of them give me a solution. The problem is that a Nullpointerexception is thrown when I create a new Input element (to bind it to the input node of my rfc model). As you can see in the
-
The difference of procurement type
when assign material component to activity. can you tell me the difference between reservation for network, reservation wbs element and preq + res -wbs elem thank you
-
ITunes Match - Sync with iOS device
I am thinking about buying iTunes Match, but i first wanna make clear some things up... here are my questions: 1. Will I ever have to sync my iPhone again with my computer (over WIFI or Cable) or will my iPhone automatically download the music! Or wi
-
If you buy a tv show on a apple tv how do you get it on you computer
if you buy a tv show or a movie on apple tv how do you get it on your itunes