mccullrr
Technical User
- Mar 6, 2006
- 71
Hello all. I am setting up several WDS APs via Cisco's documentation. I am also using WLSE to monitor these devices. I have set up my WDS AP and several infrastructure APs, it all looks to be set up correctly. I can see on the WDS AP that it finds and registers all other AP's. My problem is on my WLSE. I am getting the error - WLSE failed to authenticate with the WDS. Where am I going wrong. Can you look at my config and tell me what I need to add in order to correct this error message.
Thanks!!
version 12.3
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname Rogers2_1_3A-G33
!
enable secret 5
enable password 7 !
clock timezone R -5
clock summer-time R recurring
ip subnet-zero
no ip domain lookup
!
!
aaa new-model
!
!
aaa group server radius rad_eap
server 10.1.255.250 auth-port 1645 acct-port 1646
!
aaa group server radius rad_mac
!
aaa group server radius rad_acct
!
aaa group server radius rad_admin
!
aaa group server tacacs+ tac_admin
!
aaa group server radius rad_pmip
!
aaa group server radius dummy
!
aaa group server radius Rogers
server 10.1.255.250 auth-port 1645 acct-port 1646
!
aaa group server radius Clients
server 10.1.255.250 auth-port 1645 acct-port 1646
!
aaa authentication login eap_methods group rad_eap
aaa authentication login mac_methods local
aaa authentication login method_Rogers group Rogers
aaa authentication login method_Clients group Clients
aaa authorization exec default local
aaa accounting network acct_methods start-stop group rad_acct
aaa session-id common
!
dot11 ssid Rogers
vlan 441
authentication open mac-address mac_methods
guest-mode
!
dot11 ssid tsunami
vlan 544
authentication open
authentication network-eap eap_methods
authentication key-management cckm
!
!
!
username 12345 privilege 15 password 7
!
bridge irb
!
!
interface Dot11Radio0
no ip address
ip helper-address 10.1.255.251
no ip route-cache
!
encryption mode ciphers ckip-cmic
!
encryption vlan 544 key 1 size 128bit 7
encryption vlan 544 key 2 size 128bit 7 transmit-key
encryption vlan 544 mode ciphers ckip-cmic
!
ssid Rogers
!
ssid tsunami
!
speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0
channel 2462
station-role root
rts threshold 2312
antenna receive right
antenna transmit right
!
interface Dot11Radio0.1
encapsulation dot1Q 1
no ip route-cache
!
interface Dot11Radio0.441
encapsulation dot1Q 441
no ip route-cache
bridge-group 3
bridge-group 3 subscriber-loop-control
bridge-group 3 block-unknown-source
no bridge-group 3 source-learning
no bridge-group 3 unicast-flooding
bridge-group 3 spanning-disabled
!
interface Dot11Radio0.544
encapsulation dot1Q 544 native
no ip route-cache
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
bridge-group 1 spanning-disabled
!
interface FastEthernet0
no ip address
no ip route-cache
duplex auto
speed auto
!
interface FastEthernet0.1
encapsulation dot1Q 1
no ip route-cache
!
interface FastEthernet0.441
encapsulation dot1Q 441
no ip route-cache
bridge-group 3
no bridge-group 3 source-learning
bridge-group 3 spanning-disabled
!
interface FastEthernet0.544
encapsulation dot1Q 544 native
no ip route-cache
bridge-group 1
no bridge-group 1 source-learning
bridge-group 1 spanning-disabled
!
interface BVI1
ip address 10.1.44.3 255.255.255.0
no ip route-cache
!
ip http server
no ip http secure-server
ip http help-path ip radius source-interface BVI1
!
snmp-server community abcd RO
snmp-server community abcd RW
snmp-server community admin RW
snmp-server enable traps tty
radius-server attribute 32 include-in-access-req format %h
radius-server host 10.1.255.250 auth-port 1645 acct-port 1646 key 7
radius-server vsa send accounting
!
control-plane
!
bridge 1 route ip
!
!
wlccp ap username Rogers2_1_3A-G33 password 7
wlccp authentication-server infrastructure method_Rogers
wlccp authentication-server client any method_Clients
wlccp wds priority 254 interface BVI1
!
line con 0
password 7
line vty 0 4
password 7
line vty 5 15
!
sntp server 10.1.44.1
sntp server
sntp broadcast client
end
Thanks!!
version 12.3
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname Rogers2_1_3A-G33
!
enable secret 5
enable password 7 !
clock timezone R -5
clock summer-time R recurring
ip subnet-zero
no ip domain lookup
!
!
aaa new-model
!
!
aaa group server radius rad_eap
server 10.1.255.250 auth-port 1645 acct-port 1646
!
aaa group server radius rad_mac
!
aaa group server radius rad_acct
!
aaa group server radius rad_admin
!
aaa group server tacacs+ tac_admin
!
aaa group server radius rad_pmip
!
aaa group server radius dummy
!
aaa group server radius Rogers
server 10.1.255.250 auth-port 1645 acct-port 1646
!
aaa group server radius Clients
server 10.1.255.250 auth-port 1645 acct-port 1646
!
aaa authentication login eap_methods group rad_eap
aaa authentication login mac_methods local
aaa authentication login method_Rogers group Rogers
aaa authentication login method_Clients group Clients
aaa authorization exec default local
aaa accounting network acct_methods start-stop group rad_acct
aaa session-id common
!
dot11 ssid Rogers
vlan 441
authentication open mac-address mac_methods
guest-mode
!
dot11 ssid tsunami
vlan 544
authentication open
authentication network-eap eap_methods
authentication key-management cckm
!
!
!
username 12345 privilege 15 password 7
!
bridge irb
!
!
interface Dot11Radio0
no ip address
ip helper-address 10.1.255.251
no ip route-cache
!
encryption mode ciphers ckip-cmic
!
encryption vlan 544 key 1 size 128bit 7
encryption vlan 544 key 2 size 128bit 7 transmit-key
encryption vlan 544 mode ciphers ckip-cmic
!
ssid Rogers
!
ssid tsunami
!
speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0
channel 2462
station-role root
rts threshold 2312
antenna receive right
antenna transmit right
!
interface Dot11Radio0.1
encapsulation dot1Q 1
no ip route-cache
!
interface Dot11Radio0.441
encapsulation dot1Q 441
no ip route-cache
bridge-group 3
bridge-group 3 subscriber-loop-control
bridge-group 3 block-unknown-source
no bridge-group 3 source-learning
no bridge-group 3 unicast-flooding
bridge-group 3 spanning-disabled
!
interface Dot11Radio0.544
encapsulation dot1Q 544 native
no ip route-cache
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
bridge-group 1 spanning-disabled
!
interface FastEthernet0
no ip address
no ip route-cache
duplex auto
speed auto
!
interface FastEthernet0.1
encapsulation dot1Q 1
no ip route-cache
!
interface FastEthernet0.441
encapsulation dot1Q 441
no ip route-cache
bridge-group 3
no bridge-group 3 source-learning
bridge-group 3 spanning-disabled
!
interface FastEthernet0.544
encapsulation dot1Q 544 native
no ip route-cache
bridge-group 1
no bridge-group 1 source-learning
bridge-group 1 spanning-disabled
!
interface BVI1
ip address 10.1.44.3 255.255.255.0
no ip route-cache
!
ip http server
no ip http secure-server
ip http help-path ip radius source-interface BVI1
!
snmp-server community abcd RO
snmp-server community abcd RW
snmp-server community admin RW
snmp-server enable traps tty
radius-server attribute 32 include-in-access-req format %h
radius-server host 10.1.255.250 auth-port 1645 acct-port 1646 key 7
radius-server vsa send accounting
!
control-plane
!
bridge 1 route ip
!
!
wlccp ap username Rogers2_1_3A-G33 password 7
wlccp authentication-server infrastructure method_Rogers
wlccp authentication-server client any method_Clients
wlccp wds priority 254 interface BVI1
!
line con 0
password 7
line vty 0 4
password 7
line vty 5 15
!
sntp server 10.1.44.1
sntp server
sntp broadcast client
end
