Hello,
I have an Extreme Summit 300-48 switch and several Altitude 300 ap's with which I am trying to configure a wireless LAN with PEAP authentication on a Win2k3 radius server with wpa2/aes encryption.
I've successfully upgraded the switch image to the latest 7.8.3 [ssh]image. I am following the instructions on the document "ExtremeWare User Guide (v 7.8)" and created a security profile. Here are the setting:
SS00-300-48:1 # show security-profile open-wpa2-aes
Profile Name: open-wpa2-aes
ESS Name: sm-wireless
Dot11 Authentication: open
Network Authentication: wpa2
Encryption: aes
User VLAN: wpa-vlan
Use Dynamic VLAN: yes
Reauth. Period: 3600
Group Update Timer: 15
Pairwise Update Timer: 15
SSID in Beacon: on
Interfaces: 8
1:1:1, 1:1:2, 1:2:1, 1:2:2, 1:3:1,
1:3:2, 1:4:1, 1:4:2,
I've followed the MS document "Securing Wireless LANs with PEAP and Passwords" to configure the radius server.
I am now trying to set up the connection from the radius clients (the APs) to the radius server with the command:
configure radius primary server [radius server ip] client-ip [AP ip]
But I get the following error. "No vlan configured with ipaddress 10.132.134.101" That ip being one of my APs. I assigned the IP with the command with no problem:
configure wireless port 1:1 ipaddress 10.132.134.101
I notice that all my wireless ports are disabled, and if I try to enable it I get the error message "Error: Port 1:1 failed due to "IP not on mgmt vlan, and not a virtual port. Enable failed."". I made sure that I put that port on the wireless management vlan with the command
configure wireless management-vlan wlan-mgmt
Can someone help me?
I have an Extreme Summit 300-48 switch and several Altitude 300 ap's with which I am trying to configure a wireless LAN with PEAP authentication on a Win2k3 radius server with wpa2/aes encryption.
I've successfully upgraded the switch image to the latest 7.8.3 [ssh]image. I am following the instructions on the document "ExtremeWare User Guide (v 7.8)" and created a security profile. Here are the setting:
SS00-300-48:1 # show security-profile open-wpa2-aes
Profile Name: open-wpa2-aes
ESS Name: sm-wireless
Dot11 Authentication: open
Network Authentication: wpa2
Encryption: aes
User VLAN: wpa-vlan
Use Dynamic VLAN: yes
Reauth. Period: 3600
Group Update Timer: 15
Pairwise Update Timer: 15
SSID in Beacon: on
Interfaces: 8
1:1:1, 1:1:2, 1:2:1, 1:2:2, 1:3:1,
1:3:2, 1:4:1, 1:4:2,
I've followed the MS document "Securing Wireless LANs with PEAP and Passwords" to configure the radius server.
I am now trying to set up the connection from the radius clients (the APs) to the radius server with the command:
configure radius primary server [radius server ip] client-ip [AP ip]
But I get the following error. "No vlan configured with ipaddress 10.132.134.101" That ip being one of my APs. I assigned the IP with the command with no problem:
configure wireless port 1:1 ipaddress 10.132.134.101
I notice that all my wireless ports are disabled, and if I try to enable it I get the error message "Error: Port 1:1 failed due to "IP not on mgmt vlan, and not a virtual port. Enable failed."". I made sure that I put that port on the wireless management vlan with the command
configure wireless management-vlan wlan-mgmt
Can someone help me?