Cisco aironet 1040: create wireless with wpa2 and mac authentication

Similar Messages

• WPA2 and mac authentication

  I am currently using WPA2-spk. I want to add another layer of security. I know I could do EAP. I am also looking at mac authentication. But I want to host the mac list on an ACS server. Setting the the mac addresses on the ACS server is pretty cut and dry, but how can I configure the ap to look to the ACS server for its mac list? And, how can I get WPA-spk and mac authentication to work together?

  Hi Jared,
  you can do this by setup the following:
  Webinterface:
  1. Securtiy -> Server Manager
  Setup the ACS IP in the list "MAC Authentication" in the section "Default Server Priorities".
  2. Securtiy -> Advanced Securtiy
  In the section "MAC Address Authentication" use the radio button "Authentication Server Only" or "Local List if no response from Authentication Server" for a fallback configuration!
  IOS Interface from config mode:
  aaa group server radius rad_mac
  server 10.20.40.37 auth-port 1645 acct-port 1646
  and
  aaa authentication login mac_methods group rad_mac
  or
  aaa authentication login mac_methods group rad_mac local (for local fallback)
  I have not tested this, cause the MAC of the supplicants is to easy to sniff and any medium skilled person may used a sniffed MAC to enter the first authentication stage!
  Better use a setup with EAP-FAST or PEAP!
  I hope that helps.
  Best regards,
  Frank
  I hope that helps.

• WLC Flexconnect with AAA and MAC authentication

  hi,
  i am having cisco WLC with 7.4.121 version and i am having remote side access points to be connected to this controller and remote access point will have different vlan on the remote side itself.
  my question is i am having  Radius authentication for the clients who are all connecting from all the access points and MAC filtering also.
  My radius server is placed in the HQ where we have WLC. which method of flexconnect switchign will give be both AAA and MAc filter options to be working.
  one more question,
  is it possible to make each AP seperate MAC filters On the WLC.
  thanks
  cyril

  If you are planning on doing machine authentication i.e authentication of machine with username password by the AAA server at then this is possible using flexconnect local switching enabled provided you have your AAA server accessible via the local VLAN at the remote site.
  In case you are planning on doing mac-filtering using WLC and username/password authentication using AAA server then this cannot be achieved when you enable Flexconnect local switching as you do not get an option to configure the mac-filtering on Flex-connect groups.Hence you would need to use central authentication.
  Actually the best option for you is that you either deploy a local site AAA server and do both the authentications via your radius server or use Central authentication with Flexconnect APs incase this is not feasible.
  Hope this clears you doubts!!!
  Note: Please do not forget to rate and accept as solution incase the post is valid.

• IAS and MAC authentication

  Hi, I´m having some trouble to authenticate the users with EAP and MAC authentication, i´m using IAS server and the EAP authentication is working well, but when I configure the MAC and EAP authentication, it doesn´t connect to the clients.
  Any idea how can I solve this problem??
  Thansk

  I think MAC authentication is not supported in IAS , you can do MAC address filtering on AP

• Server 2008 R2 RADIUS Server with a Cisco Aironet 1040 Wireless AP

  I am trying to get Server 2008 R2 RADIUS Server to work with a Cisco Aironet 1040 Wireless AP. I have installed the RADIUS server by MS standards and performed some searches on Google to configure the Cisco Aironet. I see others using a Wireless LAN Controller, which I do not have. I found this post below:
  https://supportforums.cisco.com/discussion/11546056/wlc-2504-radius-2008-r2-server
  But I have yet to locate a good step by step document on how to set it up and I have found so many different ways that others have set it up, but none have yet to work. I am having authentication issues that I have know of and I do not see any errors in the Windows Event Viewer and I do not know where the Acess Point stores it logs for any sort of error. Keep in mind this is the first time I am doing this. I do not have a Wireless LAN Controller and all my network / domain services are on individually built servers and not on one single server as I have seen with most of the documentation they all say the same thing by putting the Certificate Services, Domain Services (AD / ADS, etc), and NPS. I do not want that configuration and my setup should not be any different, but something is not right. I know from reading that this is not rocket science, but from someone who has never done it before this is difficult as I keep reading on and so many people do it different ways including what I have been reading according to what Cisco says to configure in the environment. Does anyone know where I can find good step by step documentation along with where I can look for logs on either device? I find that all the documentation I see on Cisco's website and from searching that it is old and outdated and not been updated in a long time so it is hard to determine what works and what does not work. I am stumped here and have been doing this for several weeks now with no luck. Thank you in advance.

  I did configure the Server 2008 R2 RADIUS Server using this video below: 
  https://www.youtube.com/watch?v=g-0MM_tK-Tk
  I also referenced Technet to make sure it was configured correctly as well. I am still not sure if I am 100% setup correctly on the Windows Server side, but I for sure want to make sure I have the AP side setup correctly. Do you know of a better article for the Windows Server 2008 R2 setup? Does it matter that I do not have all the services installed on the same server? Instead I have them installed on multiple servers.
  I have image number c1140-k9w7-tar.124.25d.JA1 on the AP. The part that confused me in that article, which I have seen before was the part about "Setting up access point must be configured in the authentication server as an AAA client." What is the AAA Client? I also am not aware of having Cisco Secure ACS anywhere built into the AP as that part through me off completely. Do I need to skip these steps? Thank you for help on this.

• Hello,good day problem with Cisco aironet 1040 series acces point

  Hello good day to all, how to configure cisco aironet 1040 series using web configuration attaching through patch cord without using the console.
  if possible please send me step by step instruction, any help is gladly appreciated.
  thank you in advance, More power
  mel

  helo good day sir,
  this is the first time i configure this device i am using Cisco aironet 1040 for our wireless using POE for power, and using cisco catalyst 2960 as switch
  i jack the patch cord in and its goes on colored green,
  the thing is how i can configure the aironet 1040  sir?
  waiting for a step by step instruction,
  thank you in advance
  mel

• How to change default admin password on Cisco Aironet 1040

  How do I change the default username and password on the Cisco Aironet 1040. There is a default set and I want to change that to secure the device. I've checked the manual and can't seem to find the directions. Any ideas?

  Hi Brian,
  If this AP is already registered with a WLC then you can change it via WLC.
  In WLC GUI, go to Wireless -> Select the AP -> Credential -> Override Global Credential-> Update username/pw/enable pw
  In WLC CLI, you can configure it like this. If it is for all APs, then select all, otherwise AP name.
  (WLC3) >config ap mgmtuser add username admin password Cisco123 secret Cisco123 ?
  all            Applies the configuration to every AP that does not have a specific user name.
       Enter the name of the Cisco AP.
  (WLC3) >config ap mgmtuser add username password secret
  (WLC3) >save config
  Are you sure you want to save? (y/n) y
  If it is Autonomous AP you can configure using the "username xxxx password xxx" IOS command
  HTH
  Rasika
  *** Pls rate all useful responses ****

• AP problem Cisco aironet 1040

  I have a Cisco aironet 1040.
  On my Accespoint i have 2 vlans: 1 for my wifi phones and 1 for my network.
  Wifi Lan has the SSID LAN with WPA enterprise authentication to a radius server(ms server 2008).
  Wifi Phone has SSID PHONE and vlan 50 with local radius authentication.
  This Works all fine, Except when i enable AP for my wifi phones.
  When AP is enabled the authentication for my lan doesn’t go to my server but local.
  How do I configure my accesspoints so that the cisco phones use the local radius server with AP and my windows computers connect using the ms radius server?
  Hope some one can help
  Attached is my current config.

  aaa group server radius rad_eap
  server auth-port 1645 acct-port 1646
  aaa group server radius WDS-AUTH
  server auth-port 1812 acct-port 1813
  aaa group server radius VOICE-AUTH
  server auth-port 1812 acct-port 1813
  aaa authentication login eap_methods group rad_eap
  Both of the SSID are calling to eap_methods.  What you need to do is configure another aaa authentication line:
  ** aaa authentication login phone_method group VOICE-AUTH**
  then call that as your network-eap:
  dot11 ssid VOICE
     vlan 50
     authentication network-eap **phone_method**
     authentication key-management cckm
  Change/add the lines between the **.
  HTH,
  Steve
  Please remember to rate useful posts, and mark questions as answered

• Can't scan Cisco Aironet 1200 Access Point with Spiceworks

  I'm trying to scan two Cisco Aironet 1200 AP's using SNMP and Spiceworks gives the following error:
  "Error creating SNMP session"
  I'm using a community string of public and also tried community as both are setup in the device. 
  SNMP is enabled in the device. 
  Any ideas?
  Thanks!
  This topic first appeared in the Spiceworks Community

  sorted it.

• IPad 3 with iOS 6 fails to connect to WiFi with WPA2 and AES - any solutions available?

  Hello *,
  after upgrading my iPad 3 to iOS 6 it constantly fails to connect to WiFi with WPA2 and AES - hidden or broadcasted SSID - at home and at work because the device does not accept the WPA2 password. This is also the case for my iPhone 4S but both devices did work with WiFi (WPA2 / AES) perfectly with previously installed iOS 5.1.1.
  I tried to downgrade to iOS 5.1.1 but it seems to be no longer possible to downgrade for both iPad 3 and iPhone 4S as the certification and signage window for iOS 5.1.1 maybe has been closed by Apple.
  Does anyone know about a possible solution to connect to WiFi with WPA2 and AES with iPad 3 / iPhone 4S and iOS 6 upgrade?
  Thank you very much for any help and advise.
  Best regards from Germany
  Matthias

  Look at iOS Troubleshooting Wi-Fi networks and connections  http://support.apple.com/kb/TS1398
  iPad: Issues connecting to Wi-Fi networks  http://support.apple.com/kb/ts3304
  iOS: Recommended settings for Wi-Fi routers and access points  http://support.apple.com/kb/HT4199
  Additional things to try.
  Try this first. Turn Off your iPad. Then turn Off (disconnect power cord for 30 seconds or longer) the wireless router & then back On. Now boot your iPad. Hopefully it will see the WiFi.
  Go to Settings>Wi-Fi and turn Off. Then while at Settings>Wi-Fi, turn back On and chose a Network.
  Change the channel on your wireless router (Auto or Channel 6 is best). Instructions at http://macintoshhowto.com/advanced/how-to-get-a-good-range-on-your-wireless-netw ork.html
  Another thing to try - Go into your router security settings and change from WEP to WPA with AES.
  How to Quickly Fix iPad 3 Wi-Fi Reception Problems
  http://osxdaily.com/2012/03/21/fix-new-ipad-3-wi-fi-reception-problems/
  If none of the above suggestions work, look at this link.
  iPad Wi-Fi Problems: Comprehensive List of Fixes
  http://appletoolbox.com/2010/04/ipad-wi-fi-problems-comprehensive-list-of-fixes/
  Fix iPad Wifi Connection and Signal Issues  http://www.youtube.com/watch?v=uwWtIG5jUxE
  Fix Slow WiFi Issue https://discussions.apple.com/thread/2398063?start=60&tstart=0
  Unable to Connect After iOS Update - saw this solution on another post.
  https://discussions.apple.com/thread/4010130
  Note - When troubleshooting wifi connection problems, don't hold your iPad by hand. There have been a few reports that holding the iPad by hand, seems to attenuate the wifi signal.
  ~~~~~~~~~~~~~~~
  If any of the above solutions work, please post back what solved your problem. It will help others with the same problem.
   Cheers, Tom

• Create View  with Force and No Force

  Can Anyone Tell me how to create view with force and no force i have very little idea about this

  This is the syntax.
  CREATE [OR REPLACE] FORCE VIEW view
  [(alias[, alias]...)]
  AS subquery
  [WITH CHECK OPTION [CONSTRAINT constraint]]
  [WITH READ ONLY [CONSTRAINT constraint]];You can see interesting threads about this topic here.
  Re: Creating view forcibly
  Creating View forcefully
  Cheers
  Sarma.

• Create Window with Textbox and Button For getting Input Value

  Hi All,
  I have create plugin application but i want to take input from user. Therefore i want to create window with textbox and button.
  please may i get solution...

  Or if that's all you need to do, just use JavaScript or a form.

• Can anyone recommend an alternative software programme to Pages? I have an OS X 10.7.5 macbook pro, so I am unable to get it. I want a programme that I can create docs with pictures and text on, invitations, posters etc. Many thanks in advance-..

  Can anyone recommend an alternative software programme to Pages? I have an OS X 10.7.5 macbook pro, so I am unable to get it. I want a programme that I can create docs with pictures and text on, invitations, posters etc. Many thanks in advance…..

  LibreOffice

• I am creating webpages with frontpage and trying to make collapsible lists. The lists collapse and work correctly in "preview" mode, but do not work when accessed through firefox or explorer 8. Does anyone know what I am doing wrong?

  I am creating webpages with frontpage and trying to make collapsible lists. The lists collapse and work correctly in "preview" mode, but do not work when accessed through firefox or explorer 8. Does anyone know what I am doing wrong?

  Welcome to the 'wonderful' world of HTML5 e-learning.
  In my view, from the issues I am seeing everywhere, HTML5 output from rapid e-learning tools such as Captivate is not ready for the kind of mobile device e-learning you want to develop.
  Sorry to be pessimistic, but you may need to consider going back to the drawing board and coding it from the ground up.

• Lenovo Wireless Headset W770 compatibility with Linux and Mac

  Hi,  
  Can someone provide me information on Lenovo Wireless Headset W770 compatibility with Linux and Mac distributions.  On the product overview page under Software Requirements, only Windows is mentioned.  http://support.lenovo.com/en_US/downloads/detail.page?submit=true&componentID=1343112653906&DocID=PD...
  Please let me know if the headset can work with other distributions as well. 
  Thanks & Regards,
  Keya
  Solved!
  Go to Solution.

  I just received W770 and tried it on a PC and it worked. But when I plug the USB receiver in a macbook air (2011 MAC OS 10.6.8), it didn't work. The message I got is that MAC can't recognize the "keyboard" and asked me to press the shift button on the unrecognized keyboard- which I guess meant that the MAC treated the USB dongle as if it were a wireless keyboard of some sort. Anyway, would appreciate it if you could let me know how to make it work on MAC. The previous statement saying that it would work on any Lenovo machine regardless of OS is kinda of unclear - do you mean that it would also work on lenovo running MAC OS (is there any Lenovo running Mac OS?). Thanks.