Win 2008 R2 radius integration with WLC 5508
Requires help in integrating Win 2008 R2 Radius server with WLC 5508
Step by Step instructions - NPS & Wireless LAN Controller
PEAP Authentication - http://www.cisco.com/c/en/us/support/docs/wireless/5500-series-wireless-controllers/115988-nps-wlc-config-000.html
EAP-TLS
https://kb.meraki.com/knowledge_base/radius-creating-a-policy-in-nps-to-support-eap-tls-authentication
hope that helps, Please let me know if you have any other questions in regards to setting up your NPS server
Please rate that post if it answers your question or helps you to resolve the problem.
Similar Messages
-
An issue with WLC 5508 and 7921 phone
Hello all!
I have a system with WLC 5508 and some 1242 APs. And I use a lot of 7921 phones.
One of 7921 phones was in trouble. It loses registration, disconnect conversations...
I installed the trial WLC and run voice diagnostics.
I saw some of "Potentially degraded QoS in downlink direction because of incorrect packet classification" messages and one "Fair upstream packet loss ratio: 1,2%, which is less than threshold 2.5%"
As I understand all of 7921 phones in these area are affected.
what does it mean? I set up Platinum QoS for voice WLAN. I don't have any qos configuration string for AP and WLC ports on switches...
any ideas?
thanx in advanceSergey:
There is one application called "WLC Config analyzer". You save your "show run-config" from your WLC in a text file and import it by this application. it will analyze the file for you and tell you what recommendations for voice are missing so you improve them.
When importing a config file you choose what voice clinets you are using, so you need to choose cisco 7921 to it tells you what config improvemetns is needed based on 7921 needs.
Here is the link to download the application:
https://supportforums.cisco.com/docs/DOC-1373
download the latest versoin.
BTW, how many voice/data clients are connected to one AP in that area? if I remember correctly if you are utilizing voice then the max number of clients connected to one AP should not exceed 17. If you have more than this number per AP try to minimize the number of users concurrently connected to the AP then try again.
Hope you'll find the config analyzer useful.
If useful please don't forget to rate.
Amjad -
Integration between WLC 5508 and Microsoft NPS 2008
Hi guys,
Any of you, have working guidance for WLC 5508 and Microsoft NPS 2008 integration?
I managed to configure Wireless 802.1x feature (PEAP) but it failed. I'm running software ver. 7.0.116.0.
Is there any bug related 802.1x on this software version?
thanks in advance.
BR
shendyHi Shendy,
I am not aware about any bug related to this. I think you better check all configuration and make sure it is fine.
Logs from NPS and WLC (and possibly from the supplicant) may guide you where the problem resides.
What does the NPS logs tell about the reason of the authentication failure?
What does the WLC logs say about the failure (check show msglog and show traplog).
- Make sure the Radius server added correctly with correct IP and correct shared secret on WLC.
- Make sure that the radius is configured correctly to allow PEAP-MSCHAPv2.
- Make sure WLC is added successfully to WLC with correct IP address and correct shared secret.
- Make sure the clients are correctly configured and the server's (NPS) certificate is trusted on the clients.
HTH
Amjad -
Server 2008 R2 RADIUS Server with a Cisco Aironet 1040 Wireless AP
I am trying to get Server 2008 R2 RADIUS Server to work with a Cisco Aironet 1040 Wireless AP. I have installed the RADIUS server by MS standards and performed some searches on Google to configure the Cisco Aironet. I see others using a Wireless LAN Controller, which I do not have. I found this post below:
https://supportforums.cisco.com/discussion/11546056/wlc-2504-radius-2008-r2-server
But I have yet to locate a good step by step document on how to set it up and I have found so many different ways that others have set it up, but none have yet to work. I am having authentication issues that I have know of and I do not see any errors in the Windows Event Viewer and I do not know where the Acess Point stores it logs for any sort of error. Keep in mind this is the first time I am doing this. I do not have a Wireless LAN Controller and all my network / domain services are on individually built servers and not on one single server as I have seen with most of the documentation they all say the same thing by putting the Certificate Services, Domain Services (AD / ADS, etc), and NPS. I do not want that configuration and my setup should not be any different, but something is not right. I know from reading that this is not rocket science, but from someone who has never done it before this is difficult as I keep reading on and so many people do it different ways including what I have been reading according to what Cisco says to configure in the environment. Does anyone know where I can find good step by step documentation along with where I can look for logs on either device? I find that all the documentation I see on Cisco's website and from searching that it is old and outdated and not been updated in a long time so it is hard to determine what works and what does not work. I am stumped here and have been doing this for several weeks now with no luck. Thank you in advance.I did configure the Server 2008 R2 RADIUS Server using this video below:
https://www.youtube.com/watch?v=g-0MM_tK-Tk
I also referenced Technet to make sure it was configured correctly as well. I am still not sure if I am 100% setup correctly on the Windows Server side, but I for sure want to make sure I have the AP side setup correctly. Do you know of a better article for the Windows Server 2008 R2 setup? Does it matter that I do not have all the services installed on the same server? Instead I have them installed on multiple servers.
I have image number c1140-k9w7-tar.124.25d.JA1 on the AP. The part that confused me in that article, which I have seen before was the part about "Setting up access point must be configured in the authentication server as an AAA client." What is the AAA Client? I also am not aware of having Cisco Secure ACS anywhere built into the AP as that part through me off completely. Do I need to skip these steps? Thank you for help on this. -
EAP-TLS with WLC 5508, Microsoft NPS and custom EKU OID´s
We are trying to implement EAP-TLS with client certificates that have a custom EKU OID to distinguish the WLAN clients. The Microsoft Press Book
Windows Server 2008 PKI and Certificate Security gives an example on how to configure a policy in NPS that matches specific EKU OID´s. At the moment we have two policies that have an allowed-certificate-oid configured that matches the OID´s in our certificates, but our setup is not working as expected. Authentications will only be successful, if the client authenticates with the certificate that is matched by the first policy rule.
For example:
Policy 1: allowed-certificate-OID --> corporate
Policy 2: allowed-certificate-OID --> private
Client authenticates with EKU corporate --> success
Client authenticates with EKU private --> reject
My expectation was, that if Policy 1 will not match the NPS goes over to Policy 2 and tries to authenticate the client.
Has anyone a simmilar setup or can help to figure out what is going wrong?
We have a WLC 5508 with Software Version 7.4.100.0 and a NPS on a Windows Server 2008 R2
regards
FabianThe policy rejects and the NPS goes to the next policy, only if the user does not belong to the configured group.
This means I need to have one AD group per application policy, but that will not solve my problem. A user could belong to more than one group, depending on how many devices he/she has. It will work with one group only for each user, because the first policy that matches a AD group, the user belongs to, could have a OID that is not in the certificate. This would cause a recejct with reason code 73:
The purposes that are configured in the Application Policies extensions, also called Enhanced Key Usage (EKU) extensions, section of the user or computer certificate are not valid or are missing. The user or computer certificate must be configured with the Client Authentication purpose in Application Policies extensions. The object identifier for Client Authentication is 1.3.6.1.5.5.7.3.2.
The certificate does include this OID but not the custom EKU. -
Client get connected occationally with WLC 5508
Hi ,
I have one strange problem on wireless connection.
I just upgraded several 1131 APs to LAP with 2 new Cisco 5508 controller deployed, and we found the clients sometime can get conneted to the 1131 AP, and connection well, sometimes cannot. during our test, one conecion is ok, next one cannot, the third one seems ok again and again.
And we also have 2 new 1140 APs, seems no such problem,
The version for controller is 6.0.196.0, and Client is Lenevo PC with XP.
Any suggestion? or some troubleshooting procedure I can follow?
Thanks!
RoyThanks!
Seems some problem with open authentication.
On the Client, it reported cannot get associated.
on the WLC, while I am debug client it reports:
*Jul 14 10:18:51.844: 00:1f:3c:c2:e9:71 Sending Assoc Response to station on BSSID c4:7d:4f:47:a5:c0 (status 12)
*Jul 14 10:18:51.889: 00:1f:3c:c2:e9:71 Ignoring 802.11 assoc request from mobile pending deletion
*Jul 14 10:18:51.889: 00:1f:3c:c2:e9:71 Sending Assoc Response to station on BSSID c4:7d:4f:47:a5:c0 (status 12)
*Jul 14 10:18:51.928: 00:1f:3c:c2:e9:71 Ignoring 802.11 assoc request from mobile pending deletion
*Jul 14 10:18:51.928: 00:1f:3c:c2:e9:71 Sending Assoc Response to station on BSSID c4:7d:4f:47:ae:b0 (status 12)
*Jul 14 10:18:52.446: 00:1f:3c:c2:e9:71 apfMsExpireCallback (apf_ms.c:418) Expiring Mobile!
*Jul 14 10:18:52.446: 00:1f:3c:c2:e9:71 apfMsExpireMobileStation (apf_ms.c:4427) Changing state for mobile 00:1f:3c:c2:e9:71 on AP c4:7d:4f:47:ae:b0 from Associated to Disassociated
I am using remote radius with WLC only.
The strange thing is, when get connected, it looks fine, but I tried disconnect manually, then connect again, it reported cannot get associated, then I try again, it can get connect again,.... -
7925 Phones voice quality issues with wlc 5508 version 7.6
Hi all,
I have a mix environment with 1 WLC 5508 and more or less 6 sites with several Access Points ( all AIR-LAP1242AG and all in FlexConnect mode Hreap ) and several wireless phones (all CP7925G) . My Ap's have antennas 2.4GHz in all sites except 1 site ( the one i'm talking for now) with 2.4GHz and 5GHz , because of the problems we suggest to have all phone in A BAND (5Ghz) . In this site we force the phones just to A (802.11a only) , power safe NONE , Continuous scan mode , i fallow all in http://www.cisco.com/en/US/docs/voice_ip_comm/cuipph/7925g/7_0/english/deployment/guide/7925dply.pdf , one thing i didn’t do it was apply QoS because I can’t apply several ios commands in that 2960 with lan lite ios.
So I have 3 SSID for data and 2 for VOICE ( one is common to all environment and supports 2.4 and 5Ghz , and other just to test one site , with only 5Ghz with “[WPA2][Auth(802.1X + CCKM)][Auth(FT 802.1X)]”, because I read that problem can be phone rooming , and in FlexConnect only have fast-roaming in a CCKM or a PKM key-management solution , but even like this the problem still exist) .
I have another sites with phones in 2.4GHz running well and others with problems.
i read here in forums lots and lots of people with similar problems , i tried several solutions ( WLC upgrades versions and phones firmware's , …. ) tried all my best of solving the problems mas now I’m running without any ideas , i did also some site surveys and detect some interferers that why I change phones to 5Ghz , and I run also WLC Config analyser to help me , but all without good success. Some changes solve temporarily problems , but after some time , people reclaim about problems.
I can open a TAC case but first I want be sure if did all already.
Can someone try to help me?
ip phone 7925G firmware : CP7925G-1.4.5SR1.3
CUCM 8.6.2
WLC 5508 : 7.6.120.0
AP : AIR-LAP1242AG-E-K9 7.6.120.0 (flexconnect)
Best RegardsHi Serge,
Thanks for the suggestions. I have taken care of all the settings. Problem is , the user is seated in his office cabin and using the 7925 and there is around 50db signal strength in his room from an AP which is just outside the cabin. And this doesnt occur often, when we go to check and make calls, everything is fine whereas the user says it happens sometimes in the morning, evening etc... randomly... where the fone goes blank while in a call.... since the problem never happens when we go to troubleshoot the issue, we really dont know what is going on. This is happening when calling PSTN.
AP's are not restarting and there is no logs indicating that. Wireless infrastructure looks very much OK cos there are other users who are not experiencing this problem and there is ample coverage all over the floor. I am baffled why only one user has this problem even when he is seated in his office cabin.
Tried changing phones also, but still remains.
Question : i tried to do a linktest from WLC to his phone, but it failed, while linktest to laptops are working fine. Does wlc linktest not working for wireless phones ?
regards
Joe -
Cisco CAP 3702I not registered with WLC 5508.
I Have WLC 5508 in my network. Now i need to add another 2 no of cisco CAP 3702I in to my network. But we got the following errors
*Mar 1 01:27:06.359: %CAPWAP-3-ERRORLOG: Discovery response from MWAR 'WLC'runn
ing version 7.3.101.0 is rejected.
*Mar 1 01:27:06.359: %CAPWAP-3-ERRORLOG: Failed to decode discovery response.
*Mar 1 01:27:06.359: %CAPWAP-3-ERRORLOG: CAPWAP SM handler: Failed to process m
essage type 2 state 2.
Translating "CISCO-CAPWAP-CONTROLLER"...domain server (255.255.255.255)
*Mar 1 01:27:25.359: %CAPWAP-3-ERRORLOG: Could Not resolve CISCO-CAPWAP-CONTROL
LER
*Mar 1 01:27:25.363: %CAPWAP-3-ERRORLOG: Discovery response from MWAR 'WLC'runn
ing version 7.3.101.0 is rejected.
*Mar 1 01:27:25.363: %CAPWAP-3-ERRORLOG: Failed to decode discovery response.
*Mar 1 01:27:25.363: %CAPWAP-3-ERRORLOG: CAPWAP SM handler: Failed to process m
essage type 2 state 2.
*Mar 1 01:27:25.363: %CAPWAP-3-ERRORLOG: Failed to handle capwap control messag
e from controller
*Mar 1 01:27:25.363: %CAPWAP-3-ERRORLOG: Failed to process unencrypted capwap p
acket from 10.56.200.201
*Mar 1 01:27:25.363: %CAPWAP-3-ERRORLOG: Discovery response from MWAR 'WLC'runn
ing version 7.3.101.0 is rejected.
*Mar 1 01:27:25.363: %CAPWAP-3-ERRORLOG: Failed to decode discovery response.
*Mar 1 01:27:25.363: %CAPWAP-3-ERRORLOG: CAPWAP SM handler: Failed to process m
essage type 2 state 2.
*Mar 1 01:27:06.359: %CAPWAP-3-ERRORLOG: Discovery response from MWAR 'WLC'runn
ing version 7.3.101.0 is rejected.
*Mar 1 01:27:06.359: %CAPWAP-3-ERRORLOG: Failed to decode discovery response.
*Mar 1 01:27:06.359: %CAPWAP-3-ERRORLOG: CAPWAP SM handler: Failed to process m
essage type 2 state 2.
Translating "CISCO-CAPWAP-CONTROLLER"...domain server (255.255.255.255)
*Mar 1 01:27:25.359: %CAPWAP-3-ERRORLOG: Could Not resolve CISCO-CAPWAP-CONTROL
LER
*Mar 1 01:27:25.363: %CAPWAP-3-ERRORLOG: Discovery response from MWAR 'WLC'runn
ing version 7.3.101.0 is rejected.
*Mar 1 01:27:25.363: %CAPWAP-3-ERRORLOG: Failed to decode discovery response.
*Mar 1 01:27:25.363: %CAPWAP-3-ERRORLOG: CAPWAP SM handler: Failed to process m
essage type 2 state 2.
*Mar 1 01:27:25.363: %CAPWAP-3-ERRORLOG: Failed to handle capwap control messag
e from controller
*Mar 1 01:27:25.363: %CAPWAP-3-ERRORLOG: Failed to process unencrypted capwap p
acket from 10.56.200.201
*Mar 1 01:27:25.363: %CAPWAP-3-ERRORLOG: Discovery response from MWAR 'WLC'runn
ing version 7.3.101.0 is rejected.
*Mar 1 01:27:25.363: %CAPWAP-3-ERRORLOG: Failed to decode discovery response.
*Mar 1 01:27:25.363: %CAPWAP-3-ERRORLOG: CAPWAP SM handler: Failed to process m
essage type 2 state 2.Your WLC seems to be running version 7.3 which is not supported with 37xx AP platform.
You need to run WLC with version 7.6.100.0 onwards to support these new AP's.
For more details check the Wireless Software Compatibility Matrix.
-Thanks
Vinod
**Encourage Contributors. RATE Them.** -
all,
I'm facing a problem to upgrade my WLC 5508 from 6.0.199.4 to 7.0.98.218
On my WLC, I have a bad src error message about the SFP.
With the version 6, I have the "warning" but the port is UP and Running
STP Admin Physical Physical Link Link
Pr Type Stat Mode Mode Status Status Trap POE SFPType
1 Normal Disa Enable Auto Auto Down Enable N/A Not Present
2 Normal Disa Enable Auto Auto Down Enable N/A Not Present
3 Normal Forw Enable Auto 1000 Full Up Enable N/A SFP Error
on version 7.0.98.218, the port never comes UP:
STP Admin Physical Physical Link Link
Pr Type Stat Mode Mode Status Status Trap POE SFPType
1 Normal Disa Enable Auto Auto Down Enable N/A Not Present
2 Normal Disa Enable Auto Auto Down Enable N/A Not Present
3 Normal Disa Enable Auto Auto Down Enable N/A SFP Error
I see a bug about CSCta32912, but normally, it is solved in version 7.
How to solve this issue?
Thanks.
STP Admin Physical Physical Link Link
Pr Type Stat Mode Mode Status Status Trap POE SFPType
1 Normal Disa Enable Auto Auto Down Enable N/A Not Present
2 Normal Disa Enable Auto Auto Down Enable N/A Not Present
3 Normal Forw Enable Auto 1000 Full Up Enable N/A SFP ErrorAre you using a Cisco SFP or a third party one?
Sent from Cisco Technical Support iPad App -
Hi,
I have upgraded my WLC 5508 from 7.0 to 7.4 and the AP 1310 no longer can associate to WLC.
Seems that the AP doesn't work with WLC ver 7.4
Except changing these APs to autonomous mode, any other alternatives?
Besides, if we change them to autonomous mode, can Prime Infrastructure manage/monitor these APs?
thanks.The 1310 last support is on v7.0.x of the WLC. See the matrix below.
http://www.cisco.com/en/US/docs/wireless/controller/5500/tech_notes/Wireless_Software_Compatibility_Matrix.html
Prime Infrastructure can monitor the Autonomous access point but will not do anything else than monitor. Config changes is done via the bridge/AP itself.
Sent from Cisco Technical Support iPhone App -
Sql server 2008 r2 reportserver integration with sharepoint 2010 datasource credential
hello,
I am using sharepoint 2010 and sql server 2008 r2 and integrated in sharepoint integration mode and i am using windows authentication ,not keberos ,so i deletd negotiate in authentication tag in rssharepoint.config file,but when i tried to create data source
i am getting credential error and when windows credential is used it is getting connected.
please help.
thanksHi Krishnakumar_DeV,
Based on the current description, I understand that you should use the Windows NTLM authentication and delete the Negotiatein in authentication tag from RSReportServer.config which is located in the folder “C:\Program Files\Common Files\Microsoft Shared\Web
Server Extensions\XX\WebServices\Reporting”. You can use a local account or domain account to connect report server, while there is credential error message when creating data source, right?
To narrow down the issue, I want to confirm some information below:
1. To connect to remote data source, we can specify the following credentials’ ways:
•Prompt the user for credentials
•Store credentials
•Use Windows integrated security
•Use no credentials
Which credential way is you using and what’s the detailed error message?
2. How do you create the data source?
If I have any misunderstanding, please feel free to contact me.
Regards,
Heidi Duan
Heidi Duan
TechNet Community Support -
Wireless voice quality issues with wlc 5508 7.0.98
Hi,
I am having random occurances of voice drops (one-way audio) during phone calls. WLC 5508 (7.0.98) , LAP1242AG (only G antenna present), and 7925G phones. coverage is excellent throughout the floor and its a confined office space. Its not happening always. I am seeing these logs , not sure if it is related. :
*apfReceiveTask: Feb 10 11:31:53.831: %RRM-3-RRM_LOGMSG: rrmChanUtils.c:290 RRM LOG: Airewave Director: Could not find valid channel lists for 802.11bg
*apfReceiveTask: Feb 10 11:31:33.356: %RRM-3-RRM_LOGMSG: rrmChanUtils.c:290 RRM LOG: Airewave Director: Could not find valid channel lists for 802.11bg
I have set DCA list to1,6 and 11. I tried disabling RRM and statically fixing the channels and power also. Still the issue is seen,
7925G firmware is 1.4.1
i tried to do linktest from the WLC to the phone, but link test is failed. linktest to a laptop works though. I have only mac filtering for the voice ssid.
any suggestions pls ?
regards
JoeHi Serge,
Thanks for the suggestions. I have taken care of all the settings. Problem is , the user is seated in his office cabin and using the 7925 and there is around 50db signal strength in his room from an AP which is just outside the cabin. And this doesnt occur often, when we go to check and make calls, everything is fine whereas the user says it happens sometimes in the morning, evening etc... randomly... where the fone goes blank while in a call.... since the problem never happens when we go to troubleshoot the issue, we really dont know what is going on. This is happening when calling PSTN.
AP's are not restarting and there is no logs indicating that. Wireless infrastructure looks very much OK cos there are other users who are not experiencing this problem and there is ample coverage all over the floor. I am baffled why only one user has this problem even when he is seated in his office cabin.
Tried changing phones also, but still remains.
Question : i tried to do a linktest from WLC to his phone, but it failed, while linktest to laptops are working fine. Does wlc linktest not working for wireless phones ?
regards
Joe -
ISE 1.3 not receiving Radius requests from WLC 5508 ver 8.0.110.0
Hello all. I just implemented ISE 1.3 at a customer site. added a WLC running 8.0.110.0 using its mgmt address with a RADIUS preshared key. On the WLC, I created to SSIDs, corp and guest.
For corp I configured WPA2 and AES and forwarded Radius requests to my 2 ISE node PSN interfaces
For the guest I configured MAC filter with advanced features AAA overide and Radius NAC - per Cisco's documents
The corp forwards Radius requests to ISE, the guest does not. I get nothing from the guest.
I configured the WLC step by step from the Cisco document. I have completed over 10 ISE implementations in the last year using ISE 1.2 and WLC 7.x and have never run into this issue before.
Any help will be much appreciated.This issue has been resolved. The issue was that for the guest SSID MAC filtering was enabled as required, but they had the test PCs on a mac filter bypass list for that SSID in the WLC. This was automatically authenticating the PC, and therefore not forwarding the RADIUS to ISE.
Once we removed the PC from the MAC filter list in the WLC, the authentications were forwarded to ISE as desired. -
Problem Joining AIR-CAP1602I-C-K9 with WLC 5508
Hi,
I am having trouble to get AIR CAP1602I-C-K9 attached to a 5508 WLC running code 7.4.110.0
Here is what I got from the AP logs:
====================================================================================================
Extracting files...
ap1g2-k9w8-mx.152-2.JB2/ (directory) 0 (bytes)
extracting ap1g2-k9w8-mx.152-2.JB2/K5.bin (75790 bytes)!!!!
*Dec 6 15:09:23.011: %LINK-5-CHANGED: Interface Dot11Radio0, changed state to reset
*Dec 6 15:09:23.535: %CAPWAP-5-DTLSREQSUCC: DTLS connection created sucessfully peer_ip: 172.16.10.100 peer_port: 5246
*Dec 6 15:09:23.535: %CAPWAP-5-SENDJOIN: sending Join Request to 172.16.10.100
*Dec 6 15:09:23.535: %CAPWAP-3-ERRORLOG: Invalid event 10 & state 5 combination.
*Dec 6 15:09:23.535: %CAPWAP-3-ERRORLOG: CAPWAP!
extracting ap1g2-k9w8-mx.152-2.JB2/ap1g2-k9w8-mx.152-2.JB2 (9202946 bytes)!!!!!!!!! SM handler: Failed to process message type 10 state 5.
*Dec 6 15:09:23.535: %CAPWAP-3-ERRORLOG: Failed to handle capwap control message from controller
*Dec 6 15:09:23.535: %CAPWAP-3-ERRORLOG: Failed to process encrypted capwap packet from 172.16.10.100perform archive download capwap:/ap1g2 tar file
*Dec 6 15:09:23.583: %CAPWAP-6-AP_IMG_DWNLD: Required image not found on AP. Downloading image from Controller.
*Dec 6 15:09:23.587: Loading file /ap1g2...
*Dec 6 15:09:24.007: %LINEPROTO-5-UPDOWN:!!!!!!!!!!! Line protocol on Interface Dot11Radio0, changed state to down
*Dec 6 15:09:24.063: %LINK-6-UPDOWN: Interface Dot11Radio0, changed state to up!!!!!!!!!!!
*Dec 6 15:09:25.139: %LINK-6-UPDOWN: Interface Dot11Radio0, changed state to up!!!!!!!!!!
*Dec 6 15:09:26.135: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to up!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
Premature end of tar file
ERROR: Problem extracting files from archive.
Download image failed, notify controller!!! From:7.4.1.37 to 7.4.110.0, FailureCode:3
archive download: takes 63 seconds
*Dec 6 15:10:26.851: capwap_image_proc: problem extracting tar file
====================================================================================
after that the AP reboots and do same process over and over again,
Please help..
Many Thanks,
BarthHere is the info about AP and WLC:
(Cisco Controller) >show sysinfo
Manufacturer's Name.............................. Cisco Systems Inc.
Product Name..................................... Cisco Controller
Product Version.................................. 7.4.110.0
Bootloader Version............................... 1.0.1
Field Recovery Image Version..................... 6.0.182.0
Firmware Version................................. FPGA 1.7, Env 1.8, USB console 2.2
Build Type....................................... DATA + WPS
System Name...................................... WLC1-AP
System Location..................................
System Contact...................................
System ObjectID.................................. 1.3.6.1.4.1.9.1.1069
Redundancy Mode.................................. Disabled
IP Address....................................... 172.16.10.100
Last Reset....................................... Power on reset
System Up Time................................... 0 days 4 hrs 12 mins 28 secs
System Timezone Location.........................
System Stats Realtime Interval................... 5
System Stats Normal Interval..................... 180
Configured Country............................... US - United States
Operating Environment............................ Commercial (0 to 40 C)
--More-- or (q)uit
Internal Temp Alarm Limits....................... 0 to 65 C
Internal Temperature............................. +44 C
External Temperature............................. +28 C
Fan Status....................................... OK
State of 802.11b Network......................... Enabled
State of 802.11a Network......................... Enabled
Number of WLANs.................................. 1
Number of Active Clients......................... 0
Memory Current Usage............................. Unknown
Memory Average Usage............................. Unknown
CPU Current Usage................................ Unknown
CPU Average Usage................................ Unknown
Burned-in MAC Address............................ F8:72:EA:EF:2E:A0
Power Supply 1................................... Present, OK
Power Supply 2................................... Present, Power Off, Fan On
Maximum number of APs supported.................. 100
AP4403.a7fd.f040#sh ver
Cisco IOS Software, C1600 Software (AP1G2-K9W8-M), Version 15.2(2)JB, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2012 by Cisco Systems, Inc.
Compiled Tue 11-Dec-12 04:45 by prod_rel_team
ROM: Bootstrap program is C1600 boot loader
BOOTLDR: C1600 Boot Loader (AP1G2-BOOT-M) LoaderVersion 15.2(2)JAX, RELEASE SOFTWARE (fc1)
AP4403.a7fd.f040 uptime is 4 minutes
System returned to ROM by power-on
System image file is "flash:/ap1g2-k9w8-mx.152-2.JB/ap1g2-k9w8-mx.152-2.JB"
Last reload reason:
This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.
A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html
If you require further assistance please contact us by sending email to
[email protected].
cisco AIR-CAP1602I-C-K9 (PowerPC) processor (revision B0) with 98294K/32768K bytes of memory.
Processor board ID FGL1711ZJNW
PowerPC CPU at 533Mhz, revision number 0x2151
Last reset from power-on
LWAPP image version 7.4.1.37
1 Gigabit Ethernet interface
2 802.11 Radios
32K bytes of flash-simulated non-volatile configuration memory.
Base ethernet MAC Address: 44:03:A7:FD:F0:40
Part Number : 73-14671-04
PCA Assembly Number : 000-00000-00
PCA Revision Number :
PCB Serial Number : FOC16517DZ1
Top Assembly Part Number : 800-38552-01
Top Assembly Serial Number : FGL1711ZJNW
Top Revision Number : A0
Product/Model Number : AIR-CAP1602I-C-K9
Configuration register is 0xF
AP4403.a7fd.f040#sh inventory
NAME: "AP1600", DESCR: "Cisco Aironet 1600 Series (IEEE 802.11n) Access Point"
PID: AIR-CAP1602I-C-K9 , VID: V01, SN: FGL1711ZJNW -
Using MS Radius Server with WLC
I'm currenlty running WLC version 4.1.171. For authentication I'm using Microsoft IAS. I was able to get this to work by using Web Authentication but I want to use 802.1x w/ PEAP. I've been researching this and most of the documents talk about ACS. I did find one document on how to make this work, however I still have not been able to get authenicated. I'm hoping someone has some documentation on how to configure IAS on MS WIN Ser 2003. Thanks in advance.
Here is the document I've been using: http://wireless.dweezle.org/Docs/PEAP/Step-by-Step%20Guide%20for%20Setting%20Up%20Secure%20Wireless%20Access.pptHi,
can You send me some information about configuring WEB-AUTH with IAS ?
I cannot figure how to comfigure user / ias in my server .
I've done EAPTLS with the same IAS, but now i was trying to do simple user/pass authentication, if it's possible.
Many thanks
Luigi
Maybe you are looking for
-
Image disappears from iCloud and Libraries
I got a question for logging in to iCloud if I want to change a folder , which I did. Now I suddenly have old pictures and some of my later disappeared ! Not available either locally
-
Pb with language logon and data display Query designer
Hello, I do the translations (FR => EN) via RSA1 and SE63 of my variables of my Query for the query designer. It works I have no technical name that appears in the query designer. But when I run my query using the query designer, the query is display
-
Splitting the date based on the selection screen input
Hi all, In the Selection screen of my report i had maintained two fields SELECT-OPTIONS : S_DATE FOR TPCDATE-FROM_DATE. PARAMETERS : P_NUMBER TYPE ZMMAREA-NUMBER. I need to code such that S_DATE should be splitted into P_NUMBER times for ex
-
HT1926 itunes invalid signature
Somebody please help me! It won't let me download the newest version of itunes. It just it has an invalid signature.
-
Lokal messaging with Integration Engine on WAS 6.40
Hi, we try to decouple different applications on the same application server through asynchronous messaging. We want to generate proxy-interfaces from our central XI repository (on another machine). The physical messaging should be local (not over XI