Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

PEAP authentication for wireless - help

Status
Not open for further replies.

sourcemed

MIS
Sep 30, 2010
3
US
Hello,

I have an Extreme Summit 300-48 switch and several Altitude 300 ap's with which I am trying to configure a wireless LAN with PEAP authentication on a Win2k3 radius server with wpa2/aes encryption.

I've successfully upgraded the switch image to the latest 7.8.3 [ssh]image. I am following the instructions on the document "ExtremeWare User Guide (v 7.8)" and created a security profile. Here are the setting:

SS00-300-48:1 # show security-profile open-wpa2-aes
Profile Name: open-wpa2-aes
ESS Name: sm-wireless
Dot11 Authentication: open
Network Authentication: wpa2
Encryption: aes
User VLAN: wpa-vlan
Use Dynamic VLAN: yes
Reauth. Period: 3600
Group Update Timer: 15
Pairwise Update Timer: 15
SSID in Beacon: on
Interfaces: 8
1:1:1, 1:1:2, 1:2:1, 1:2:2, 1:3:1,
1:3:2, 1:4:1, 1:4:2,

I've followed the MS document "Securing Wireless LANs with PEAP and Passwords" to configure the radius server.

I am now trying to set up the connection from the radius clients (the APs) to the radius server with the command:

configure radius primary server [radius server ip] client-ip [AP ip]

But I get the following error. "No vlan configured with ipaddress 10.132.134.101" That ip being one of my APs. I assigned the IP with the command with no problem:

configure wireless port 1:1 ipaddress 10.132.134.101

I notice that all my wireless ports are disabled, and if I try to enable it I get the error message "Error: Port 1:1 failed due to "IP not on mgmt vlan, and not a virtual port. Enable failed."". I made sure that I put that port on the wireless management vlan with the command

configure wireless management-vlan wlan-mgmt

Can someone help me?
 
I'm getting this error message when I try to get a wireless client to log into the wireless using PEAP

10/13/2010 16:21:56.44 <Info:WLANSYST> <WLAN> Port 1:2:2 Client 00:19:7D:XX:XX:XX Auth Failed (name "802.1x:unknown")
10/13/2010 16:20:25.82 <Info:WLANSYST> <WLAN> Port 1:2:2 Client 00:19:7D:XX:XX:XX Auth Failed (name "802.1x:unknown")
10/13/2010 16:18:55.20 <Info:WLANSYST> <WLAN> Port 1:2:2 Client 00:19:7D:XX:XX:XX Auth Failed (name "802.1x:unknown")
10/13/2010 16:16:29.29 <Info:WLANSYST> <WLAN> Port 1:2:2 Client 00:19:7D:XX:XX:XX Auth Failed (name "802.1x:unknown")

Obviously, the credentials failed. But I'm not sure what user name and password it's trying. Is it even communicating with my radius server? I'm not sure that it is. q
 
Hi,

I might be able to help you with this problem, but need
the Extremeware version 7.8.3 for my summit 300-24 device, and if possible the bootrom code as well.

I am stuck at v772b4.Bxtr and v773b5.Bxtr, bootrom ngboot78.bin and ngboot82.bin.

Please, can you contact me at

m a r k u s o n m o b i l e <at> g m a i l d o t c o m

Thanks,

Mark
 
Sorry,

that was for the I-Series Summits.

Got the v772b4.SFxtr images.

Need v783xx.SFxtr and s200_boot51.bin to be able to set my lab up and to do some testing and configuration.

Please contact me Sourcemed.

Thanks,

Mark
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top