WLC 5508 support of Secure LDAP using TLS

Hi,
I have seen that the current WLC software release, 7.0.116.0, does not support secure LDAP using TLS. Are there any plans to incorporate this feature? (I've read that it was supported in previous releases to version 4.2). Is it in the roadmap of the product?
Thank you very much for your help.
Kind regards,

I too am desiring this functionality.,,

Similar Messages

  • Does WLC 5508 Support LDAPS - Port 636

    We have 2 5508 WLC's and @ 35 AirCap Radios.
    We're running latest S/W release 8.0.110.
    We presently use LDAP to authenticate to the wireless.
    We would like to move to LDAPS on port 636.
    Configuration Guide says you can select other port numbers for LDAP but
    only port 389 is supported.
    Is this true?
    I read some old posts that said on releases year ago LDAPS and port 636 was supported.

    Config guide says below & it is default to 389. It does not say only 389 supported.
    http://www.cisco.com/c/en/us/td/docs/wireless/controller/8-0/configuration-guide/b_cg80/b_cg80_chapter_0101110.html
    "If you are adding a new server, enter the LDAP server’s TCP port number in the Port Number text box. The valid range is 1 to 65535, and the default value is 389."
    Anyway give it a try & see
    Rasika

  • Configuring WLC 5508 and Iphone/blackberry to use certificates

    Hello, we would like to configure additional wlan for iphone/blackberry internet access. The goal is to have internal users (Active Directory users) using blackberry connecting to internal wireless network and update their mailboxes. We would like to avoid roaming charges for blackberry data traffic (email updates) but on the other hand we have to provide some way of authentication to blackberry/iphone so we know that only corporate blackberry/iphones can connect to internal network and update emails. It would be greatly appreciated if someone point me to configuration docs covering this issue or give me quick overview what has to be done to make this happening. We have radius server available if needed.
    Thanks so much.
    Appreciated.

    http://www.cisco.com/en/US/customer/products/ps6366/products_configuration_example09186a0080921f67.shtml
    With PEAP, you set up a Windows Server box as a root Certificate Authority and install the CA on all clients. Then, clients simply log on with their AD credentials.
    http://www.cisco.com/en/US/customer/tech/tk722/tk809/technologies_white_paper09186a008009256b.shtml
    EAP-TLS is much more secure because it requires a unique certificate generated by the CA installed on each client.

  • How many AP will wlc 5508 support in HREAP Groups?

    Hi,
    I have a new deployment of 44 3502i AP's in 3 buildings at one of my campus'.
    The 5508 wlc is running latest 7.0.116.0 code.
    I have some users who take their work with them as they go from location to location on this campus.
    They need to be able to smoothly switch from AP to AP without having to reauthenticate each time the next AP takes over in the handoff.
    On the ssid in question we run 802.1x back to 1 auth server; there is no failover auth server.
    All APs are in one AP Group.
    My thought is to add all 44 of the APs to one HREAP Group.
    Will this be the best/simplest solution?
    Thank you

    Scott,
    Thanks!
    I thought hreap groups had a hard limit but I could not remember and I did not find the document when I went looking.
    That was exactly my question, how many APs can be in an hreap group.
    Since I have 44 APs I will probably break it into 2 hreap groups. The office group and the DC group.

  • ISE 1.2 / WLC 5508 EAP-TLS expired certificate error, but wireless still working

    Hi I have a customer that we've deployed ISE 1.2 and WLC 5508s at.  Customer is using EAP-TLS with and everything appears to setup properly.  Users are able to login to the network and authenticate, however, frequently, I'm getting the following error in ISE authentication logs:
    12516 EAP-TLS failed SSL/TLS handshake because of an expired certificate in the client certificates chain
    OpenSSL messages are:
    SSL alert: code=Ox22D=557 : source=local ; type=fatal : message="X509
    certificate ex pi red"'
    4 727850450.3616:error.140890B2: SS L
    rOYbne s: SSL 3_  G ET _CL IE NT  _CE RT IF ICAT E:no ce rtific ate
    relurned: s3_ srvr.c: 272 0
    I'm not sure if this is cosmetic or if this is something that I should be tracking down.  System isn't in full production yet, but every client seems to be working and there is no expired cert in the chain.  Any ideas what to check?

    Hello Dino,
      thanks very much for your reply.
      The client uses a machine-certificate, the PKI is not a microsoft one, but a third party PKI.   The certificate is fresh and valid, the root-cert is installed and checked to be validated against it for the login.
    Clock is correct too. The same setup works flawlessly in Windows 7 and XP.
    EKU is set on the certificate (1.3.6.1.5.5.7.3.2)
    I suspect the cert-setup itself, but don't get a clue where this might stuck...
    Björn

  • WLC 5508, LAP1262, Security Features Design

    Dears,
    I am planning to get the following Hardware;
    AIR-CT5508-50-K9
    5508 Series Controller for up to 50 APs
    AIR-LAP1262N-E-K9
    802.11a/g/n Ctrlr-based AP; Ext Ant; E Reg Domain
    During my design, i am considering to get the following security features.
    NOTE: I don't have WCS and Mobility Services Engine (MSE).
    Managing Access Points at remote/WAN office.
    wIPS configuration (without WCS and MSE)
    How Rouge APs will be detected and Prevented. Can Automated prevention be implemented.
    Is wIPS (with WLC 5508) support to detect and prevent Rouge AP.
    Is Proxy Redirection supported on WLC so that the traffic from Wireless clients will automatically be redirected to Proxy (without adding the proxy in explorers of Wireless Clients).
    Unfortunatelly i dont have LAB to test these features, so please respond.......

    Dear Scott,
    Thanks for your detailed response. I still have confusion regarding the Point5. Find the following details;
    Current Design:
    All the Internet traffic (http, https) for Wired and Wireless users is forwarded to proxy server (microsoft ISA/10.1.100.1)) for internet access.
    For this purpose, all users have to add proxy to their explorers.
    New Design/Requirements for Wireless Guest Users:
    For the Wireless Guests users to get internet, they will have to add the proxy in their Explorers.
    I would like to provide them Internet Access without additing proxy in their Explorers (not to bother them with configuring their laptops).
    Is it possible, if WLC can automatically redirect the Internet traffic from Guests users to proxy Server (10.1.100.1).

  • WLC 5508 LOAD BALANCING APs to HA-SSO

    Do somebody knows what´s going to happen about configuration when you migrate 2-WLC 5508 giving wireless services correctly, using load balancing with the APs to HA-SSO mode???
    At this time we have some AP groups in WLC1 and in WLC2 we don´t have the AP groups, what´s going to happen with the configuration of both WLCs, both configuration are going to be merged??
    REGARDS

    When you covert the pair into SSO, all the APs will go to the ACTIVE unit.  No unit will "live" in the standby unit because this unit will "share" the AP-support license between the two.
    This is the first step you need to get sorted.  Send an email to [email protected] and give them the exact details of what you want to do (i. e.  AP SSO) and then provide the serial number of your nominated active WLC and the serial number of your nominated standby WLC.

  • WLC 5508 and Microsoft Radius Server 2008

    Hi, I am trying to setup WLC 5508 for a customer who want to use MS NPS for Radius authentication, however there aren't many good documents showing how to configure the MS NPS.
    I have couple of questions:
    1, Does WLC 5508 support MS NPS on Server 2008 R2?
    2, Are there any good document showing how to configure this?
    Thanks

    Hadisharifi,
    There is no single document that we can pick for configuring WLC and NPS. However, you may visit the below listed document for NPS  and WLC side configuration:
    Configure the WLC for RADIUS Authentication through an External RADIUS Server
    http://www.cisco.com/en/US/tech/tk722/tk809/technologies_configuration_example09186a0080665d18.shtml#c2
    Fo the NPS side configuration, you may consider the attached document.
    Regds,
    JK
    Do rate helpful posts-

  • IP-MAC Binding for WLC-5508

    Hello!
    I am having problem in configuring wlc 5508, in a security option i applied mac-filtering and it works fine.
    Now I need to configure ip-mac address binding, i tried both with gui and cli method but it is not working. While configuring mac-filtering on gui there is a option to define ip address, after defining xx.xx.xx.xx ip address for device xx it is not peaking particular ip from the pool.  
    mac-filtering is still working with out issue.
    Also tried with cli.....
    Looking through the configuration guide i tried every possible ways but couldn't get any resolution.
    mac-binding, mac-filtering is enable,
    What will be the possible causes of this?
    does it support mac-ip binding in its local database?
    I would be thankful in your any suggestions and advises!  
    Nikhil

    Thanks for reply David,
    Currently user are authenticate from mac address and we want IP-MAC base authentication in cisco 5508 controller.
    we are facing some problem that in stead of ip-mac pair only mac address is authenticate.
    can u guide me that how can i authenticate IP-MAC pair in cisco 5508 controller?
    or Is this possible on Cisco 5508 controller as it is showing ip address field in GUI option?
    i am waiting your reply.

  • WLC 5508 and AIR-LAP1042N

    Hi everyone!
    Question is simple, but I cannot find it in google.
    Does WLC 5508 support AIR-LAP1042N?
    Reagrds,
    Aleksei

    One more question.
    What poe injector is supported on AIR-LAP1042N?
    I have found poe injectors for other APs.
    1.AIR-PWR-B=
    2.AIR-PWRINJ4
    Will anyone of these support this AP?

  • Securing FTP with TLS

    Hi,
    I am developing a secure FTP client.
    Is there any free API available in the market which I can be reuseable in my application?
    If not please provide me some link so that I can develope such API using JSSE API.
    FYI-I am following the Internet Draft, �Securing FTP with TLS� by Ford-Hutchinson,a specification for realizing RFC2228, �FTP Security Extension� using TLS.
    Thanks.

    hi friend,
    i'm also looking for free secure ftp api's for Java...
    if u know any, do let me know....

  • WLC 5508 - 802.11n using 802.1X security

    WLC 5508 product version: 6.0.199.4
    AP: AIR-LAP1142N-S-K9
    The connection can reach up to 144Mbps when using WPA2 with AES (Layer 2 security), WMM allowed (QOS). But when I use 802.1X (Layer 2 security), can only reach up to 54Mbps.
    Any special setting when using 802.1X to reach 144Mbps?
    Or do I need to upgrade?
    Any help is very much appreciated.

    Change the field "layer 2 security to " WPA+WPA2"
    in the below section in authentication key managment set the checkmark for "802.1X"
    That should solve the issue.

  • Does WLC 5508 (7.2) support PEAP to MS radius?

    Hi,
    I'm running version  7.2.111.3 on my WLC 5508 and I try to figure out how I can set PEAP towards my configurerd Radius servers.
    On my Local EAP profile I can specify PEAP, but how is it default configurerd when you just specify the radius servers on the "WLANs > Edit Test > security > AAA servers tab ?
    The MS radius logs tell me that it is EAP and not PEAP, so the questions is does the WLC support Microsoft: Protected EAP ???
    Dot1x_NW_MsgTask_0: Oct 10 11:02:27.279: 24:77:03:07:75:28 AAA EAP Packet created request = 0x1bd4647c.. !!!! -> should be AAA PEAP ???
    *Dot1x_NW_MsgTask_0: Oct 10 11:02:27.279: 24:77:03:07:75:28 Sending EAP Attribute (code=2, length=35, id=2) for mobile 24:77:03:07:75:28
    *Dot1x_NW_MsgTask_0: Oct 10 11:02:27.280: 24:77:03:07:75:28 [BE-req] Radius  EAP/Local WLAN 3.
    Thanks in advance,
    Michel

    you're right +5. looks like it sort of gives more granular selection/priority, if we don't want to use any AAA from global when all the configured AAA on WLAN failed then it will be useful.
    http://www.cisco.com/en/US/docs/wireless/controller/7.0/configuration/guide/c70sol.html
    Step 16
    Select the
    Network User
    check box to enable network user authentication (or accounting), or unselect it to disable this feature. The default value is selected. If you enable this feature, this entry is considered the RADIUS authentication (or accounting) server for network users. If you did not configure a RADIUS server entry on the WLAN, you must enable this option for network users.

  • EAP-TLS with WLC 5508, Microsoft NPS and custom EKU OID´s

    We are trying to implement EAP-TLS with client certificates that have a custom EKU OID to distinguish the WLAN clients. The Microsoft Press Book
    Windows Server 2008 PKI and Certificate Security gives an example on how to configure a policy in NPS that matches specific EKU OID´s. At the moment we have two policies that have an allowed-certificate-oid configured that matches the OID´s in our certificates, but our setup is not working as expected. Authentications will only be successful, if the client authenticates with the certificate that is matched by the first policy rule.
    For example:
    Policy 1: allowed-certificate-OID --> corporate
    Policy 2: allowed-certificate-OID --> private
    Client authenticates with EKU corporate --> success
    Client authenticates with EKU private --> reject
    My expectation was, that if Policy 1 will not match the NPS goes over to Policy 2 and tries to authenticate the client.
    Has anyone a simmilar setup or can help to figure out what is going wrong?
    We have a WLC 5508 with Software Version                 7.4.100.0 and a NPS on a Windows Server 2008 R2
    regards
    Fabian

    The policy rejects and the NPS goes to the next policy, only if the user does not belong to the configured group.
    This means I need to have one AD group per application policy, but that will not solve my problem. A user could belong to more than one group, depending on how many devices he/she has. It will work with one group only for each user, because the first policy that matches a AD group, the user belongs to, could have a OID that is not in the certificate. This would cause a recejct with reason code 73:
    The purposes that are configured in the Application Policies extensions, also called Enhanced Key Usage (EKU) extensions, section of the user or computer certificate are not valid or are missing. The user or computer certificate must be configured with the Client Authentication purpose in Application Policies extensions. The object identifier for Client Authentication is 1.3.6.1.5.5.7.3.2.
    The certificate does include this OID but not the custom EKU.

  • EAP-TLS on WLC 5508 agains IAS RADIUS

    /* Style Definitions */
    table.MsoNormalTable
    {mso-style-name:"Table Normal";
    mso-tstyle-rowband-size:0;
    mso-tstyle-colband-size:0;
    mso-style-noshow:yes;
    mso-style-priority:99;
    mso-style-qformat:yes;
    mso-style-parent:"";
    mso-padding-alt:0cm 5.4pt 0cm 5.4pt;
    mso-para-margin-top:0cm;
    mso-para-margin-right:0cm;
    mso-para-margin-bottom:10.0pt;
    mso-para-margin-left:0cm;
    line-height:115%;
    mso-pagination:widow-orphan;
    font-size:11.0pt;
    font-family:"Calibri","sans-serif";
    mso-ascii-font-family:Calibri;
    mso-ascii-theme-font:minor-latin;
    mso-fareast-font-family:"Times New Roman";
    mso-fareast-theme-font:minor-fareast;
    mso-hansi-font-family:Calibri;
    mso-hansi-theme-font:minor-latin;
    mso-bidi-font-family:"Times New Roman";
    mso-bidi-theme-font:minor-bidi;}
    Hi, anyone experienced issue like this?
    I am installing a WLC 5508 using EAP-TLS authentication with an IAS Radius server.
    I got “Access-Accept” debug message received from RADIUS server.
    However the wireless client failed to connect.
    Below is partially the debug message from the WLC
    Any feedbacks are welcome
    *Oct 07 15:08:24.403:     Callback.....................................0x10c527d0
    *Oct 07 15:08:24.403:     protocolType.................................0x00140001
    *Oct 07 15:08:24.403:     proxyState...................................00:19:7D:72:B4:3B-09:00
    *Oct 07 15:08:24.403:     Packet contains 12 AVPs (not shown)
    *Oct 07 15:08:24.403: apfVapRadiusInfoGet: WLAN(1) dynamic int attributes srcAddr:0x0, gw:0x0, mask:0x0, vlan:0, dpPort:0, srcPort:0
    *Oct 07 15:08:24.404: 00:19:7d:72:b4:3b Successful transmission of Authentication Packet (id 101) to 10.86.8.105:1812, proxy state 00:19:7d:72:b4:3b-00:00
    *Oct 07 15:08:24.404: 00000000: 01 65 00 d2 d0 bc 95 1b  f7 c9 71 dd 32 cb b7 0a  .e........q.2...
    *Oct 07 15:08:24.404: 00000010: 52 eb 0c 3e 01 22 68 6f  73 74 2f 49 44 31 30 2d  R..>."host/ID10-
    *Oct 07 15:08:24.404: 00000020: 30 41 46 4a 30 33 31 2e  65 75 63 2e 6e 65 73 74  0AFJ031.euc.test
    *Oct 07 15:08:24.404: 00000030: 6c 65 2e 63 6f 6d 1f 13  30 30 2d 31 39 2d 37 64  01.com..00-19-7d
    *Oct 07 15:08:24.404: 00000040: 2d 37 32 2d 62 34 2d 33  62 1e 1a 30 30 2d 33 61  -72-b4-3b..00-3a
    *Oct 07 15:08:24.404: 00000050: 2d 39 38 2d 39 35 2d 34  36 2d 35 30 3a 57 57 53  -98-95-46-50:TES
    *Oct 07 15:08:24.404: 00000060: 33 30 30 05 06 00 00 00  01 04 06 0a 56 0c d2 20  300.........V...
    *Oct 07 15:08:24.404: 00000070: 0c 49 44 48 4f 4a 58 43  30 30 31 1a 0c 00 00 37  .IDHOJXC001....7
    *Oct 07 15:08:24.404: 00000080: 63 01 06 00 00 00 01 06  06 00 00 00 02 0c 06 00  c...............
    *Oct 07 15:08:24.404: 00000090: 00 05 14 3d 06 00 00 00  13 4f 27 02 03 00 25 01  ...=.....O'...%.
    *Oct 07 15:08:24.404: 000000a0: 68 6f 73 74 2f 49 44 31  30 2d 30 41 46 4a 30 33  host/ID10-0AFJ03
    *Oct 07 15:08:24.404: 000000b0: 31 2e 65 75 63 2e 6e 65  73 74 6c 65 2e 63 6f 6d  1.euc.nestle.com
    *Oct 07 15:08:24.404: 000000c0: 50 12 80 be 54 a7 26 52  8e 63 0f 2f 87 a5 78 53  P...T.&R.c./..xS
    *Oct 07 15:08:24.404: 000000d0: 68 6e                                             hn
    *Oct 07 15:08:24.405: 00000000: 02 65 00 34 3e c1 67 35  f7 be 57 75 43 ce 19 ca  .e.4>.g5..WuC...
    *Oct 07 15:08:24.405: 00000010: 83 5d 83 95 19 20 31 b1  03 a2 00 00 01 37 00 01  .]....1......7..
    *Oct 07 15:08:24.405: 00000020: 0a 56 08 69 01 cb 63 8b  13 1e 16 37 00 00 00 00  .V.i..c....7....
    *Oct 07 15:08:24.405: 00000030: 00 00 00 5f                                       ..._
    *Oct 07 15:08:24.405: ****Enter processIncomingMessages: response code=2
    *Oct 07 15:08:24.405: ****Enter processRadiusResponse: response code=2
    *Oct 07 15:08:24.405: 00:19:7d:72:b4:3b Access-Accept received from RADIUS server 10.86.8.105 for mobile 00:19:7d:72:b4:3b receiveId = 9
    *Oct 07 15:08:24.405: AuthorizationResponse: 0x1524b3d8
    *Oct 07 15:08:24.405:     structureSize................................78
    *Oct 07 15:08:24.405:     resultCode...................................0
    *Oct 07 15:08:24.405:     protocolUsed.................................0x00000001
    *Oct 07 15:08:24.405:     proxyState...................................00:19:7D:72:B4:3B-09:00
    *Oct 07 15:08:24.405:     Packet contains 1 AVPs:
    *Oct 07 15:08:24.405:         AVP[01] Class....................................DATA (30 bytes)
    *Oct 07 15:08:24.405: 00:19:7d:72:b4:3b Applying new AAA override for station 00:19:7d:72:b4:3b
    *Oct 07 15:08:24.405: 00:19:7d:72:b4:3b Override values for station 00:19:7d:72:b4:3b
        source: 4, valid bits: 0x0
        qosLevel: -1, dscp: 0xffffffff, dot1pTag: 0xffffffff, sessionTimeout: -1
        dataAvgC: -1, rTAvgC
    *Oct 07 15:08:24.405: 00:19:7d:72:b4:3b Inserting new RADIUS override into chain for station 00:19:7d:72:b4:3b
    *Oct 07 15:08:24.405: 00:19:7d:72:b4:3b Override values for station 00:19:7d:72:b4:3b
        source: 4, valid bits: 0x0
        qosLevel: -1, dscp: 0xffffffff, dot1pTag: 0xffffffff, sessionTimeout: -1
        dataAvgC: -1, rTAvgC
    *Oct 07 15:08:24.405: 00:19:7d:72:b4:3b Sending 802.11 EAPOL message  to mobile 00:19:7d:72:b4:3b WLAN 1, AP WLAN 1
    *Oct 07 15:08:24.405: 00000000: 01 00 00 04 03 ff 00 04                           ........
    *Oct 07 15:08:24.405: 00:19:7d:72:b4:3b Sending 802.11 EAPOL message  to mobile 00:19:7d:72:b4:3b WLAN 1, AP WLAN 1
    *Oct 07 15:08:24.405: 00000000: 01 03 00 5f fe 00 89 00  20 00 00 00 00 00 00 00  ..._............
    *Oct 07 15:08:24.405: 00000010: 00 3e 5d 2a e3 2a c2 22  71 0b 06 e8 42 6c 3c bf  .>]*.*."q...Bl<.
    *Oct 07 15:08:24.405: 00000020: 45 1e 5c e7 a1 68 ae 0c  c0 9f 22 ce 0c 3e 96 45  E.\..h...."..>.E
    *Oct 07 15:08:24.405: 00000030: ee 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  ................
    *Oct 07 15:08:24.405: 00000040: 00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  ................
    *Oct 07 15:08:24.405: 00000050: 00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  ................
    *Oct 07 15:08:24.405: 00000060: 00 00 00                                          ...
    *Oct 07 15:08:25.316: 00:19:7d:72:b4:3b Sending 802.11 EAPOL message  to mobile 00:19:7d:72:b4:3b WLAN 1, AP WLAN 1
    *Oct 07 15:08:25.317: 00000000: 01 03 00 5f fe 00 89 00  20 00 00 00 00 00 00 00  ..._............
    *Oct 07 15:08:25.317: 00000010: 01 3e 5d 2a e3 2a c2 22  71 0b 06 e8 42 6c 3c bf  .>]*.*."q...Bl<.
    *Oct 07 15:08:25.317: 00000020: 45 1e 5c e7 a1 68 ae 0c  c0 9f 22 ce 0c 3e 96 45  E.\..h...."..>.E
    *Oct 07 15:08:25.317: 00000030: ee 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  ................
    *Oct 07 15:08:25.317: 00000040: 00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  ................
    *Oct 07 15:08:25.317: 00000050: 00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  ................
    *Oct 07 15:08:25.317: 00000060: 00 00 00                                          ...
    *Oct 07 15:08:26.317: 00:19:7d:72:b4:3b Sending 802.11 EAPOL message  to mobile 00:19:7d:72:b4:3b WLAN 1, AP WLAN 1
    *Oct 07 15:08:26.317: 00000000: 01 03 00 5f fe 00 89 00  20 00 00 00 00 00 00 00  ..._............
    *Oct 07 15:08:26.317: 00000010: 02 3e 5d 2a e3 2a c2 22  71 0b 06 e8 42 6c 3c bf  .>]*.*."q...Bl<.
    *Oct 07 15:08:26.317: 00000020: 45 1e 5c e7 a1 68 ae 0c  c0 9f 22 ce 0c 3e 96 45  E.\..h...."..>.E
    *Oct 07 15:08:26.317: 00000030: ee 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  ................
    *Oct 07 15:08:26.317: 00000040: 00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  ................
    *Oct 07 15:08:26.317: 00000050: 00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  ................
    *Oct 07 15:08:26.317: 00000060: 00 00 00                                          ...
    *Oct 07 15:08:27.753: 00:19:7d:72:b4:3b Sending 802.11 EAPOL message  to mobile 00:19:7d:72:b4:3b WLAN 1, AP WLAN 1
    *Oct 07 15:08:27.753: 00000000: 01 00 00 30 01 01 00 30  01 00 6e 65 74 77 6f 72  ...0...0..networ
    *Oct 07 15:08:27.753: 00000010: 6b 69 64 3d 57 57 53 33  30 30 2c 6e 61 73 69 64  kid=TES300,nasid
    *Oct 07 15:08:27.753: 00000020: 3d 49 44 48 4f 4a 58 43  30 30 31 2c 70 6f 72 74  =IDHOJXC001,port
    *Oct 07 15:08:27.753: 00000030: 69 64 3d 31                                            id=1
    *Oct 07 15:08:27.760: 00:19:7d:72:b4:3b Received 802.11 EAPOL message (len 5) from mobile 00:19:7d:72:b4:3b
    *Oct 07 15:08:27.760: 00000000: 01 01 00 00 00                                    .....
    *Oct 07 15:08:27.760: 00:19:7d:72:b4:3b Sending 802.11 EAPOL message  to mobile 00:19:7d:72:b4:3b WLAN 1, AP WLAN 1
    *Oct 07 15:08:27.760: 00000000: 01 00 00 30 01 02 00 30  01 00 6e 65 74 77 6f 72  ...0...0..networ
    *Oct 07 15:08:27.760: 00000010: 6b 69 64 3d 57 57 53 33  30 30 2c 6e 61 73 69 64  kid=TES300,nasid
    *Oct 07 15:08:27.760: 00000020: 3d 49 44 48 4f 4a 58 43  30 30 31 2c 70 6f 72 74  =IDHOJXC001,port
    *Oct 07 15:08:27.760: 00000030: 69 64 3d 31                                       id=1
    *Oct 07 15:08:27.762: 00:19:7d:72:b4:3b Received 802.11 EAPOL message (len 41) from mobile 00:19:7d:72:b4:3b
    *Oct 07 15:08:27.762: 00000000: 01 00 00 25 02 01 00 25  01 68 6f 73 74 2f 49 44  ...%...%.host/ID
    *Oct 07 15:08:27.762: 00000010: 31 30 2d 30 41 46 4a 30  33 31 2e 65 75 63 2e 6e  10-0AFJ031.euc.t
    *Oct 07 15:08:27.762: 00000020: 65 73 74 6c 65 2e 63 6f  6d                       est01.com
    *Oct 07 15:08:27.764: 00:19:7d:72:b4:3b Received 802.11 EAPOL message (len 41) from mobile 00:19:7d:72:b4:3b
    *Oct 07 15:08:27.764: 00000000: 01 00 00 25 02 02 00 25  01 68 6f 73 74 2f 49 44  ...%...%.host/ID
    *Oct 07 15:08:27.764: 00000010: 31 30 2d 30 41 46 4a 30  33 31 2e 65 75 63 2e 6e  10-0AFJ031.euc.t
    *Oct 07 15:08:27.764: 00000020: 65 73 74 6c 65 2e 63 6f  6d                       est01.com
    *Oct 07 15:08:27.765: AuthenticationRequest: 0x1ad0b36c

    Thanks for your reply jedubois
    Really appreciate it.
    I have tried to change the value for EAPOL-Key Timeout, still the client won't connect.
    Below are the outputs for the eap advanced config
    (Cisco Controller) >show advanced eap
    EAP-Identity-Request Timeout (seconds)........... 30
    EAP-Identity-Request Max Retries................. 2
    EAP Key-Index for Dynamic WEP.................... 0
    EAP Max-Login Ignore Identity Response........... enable
    EAP-Request Timeout (seconds).................... 30
    EAP-Request Max Retries.......................... 2
    EAPOL-Key Timeout (milliseconds)................. 5000
    EAPOL-Key Max Retries............................ 2
    (Cisco Controller) >
    Any other suggestion?

Maybe you are looking for

  • Data validation at the UI level

    Hi I have a requirement like i need to validate the input data at the UI level. If the data is valid ,only then it should be allowed to be saved. If someone knows how to do the same. I have seen a method DO_VALIDATE_INPUT method in View controller (I

  • Cheque numbers are not completely updated for all payment document

    Hi, In the Automatic Payment Program, system is not able to update cheque numbers for some of the payment documents which were generated in one APP run. This issue, we are facing only in Production Server. APP The extraction of Payment details are no

  • Color Corrector?

    can you use key frames when using the color corrector, like say i want to have a video in black and white, then fade to color. Can i do that?

  • Condition Records For output

    Hi, Can anyone help me how to find the condition records for output. We have for the pick, pack and stage different printing options. How can I check it on the system that they have been configured

  • DMA buffer mapping to array?

    Hi all! I'm working with a DMA capable camera that mapps images to a DMA buffer which is accessible from the native side. What I would like to do is to get access to the buffer from the Java side (e.g. as a byte array) without performing a copy opera