What you have described almost sounds like there could be some packet fragmentation going on between the radius server and the wireless switch. You could likely determine that with Wireshark. There is an attribute called framed-mtu that may help alleviate the issue if it is due to fragmentation. There is a Microsoft article recommending that be set to 1344 for IAS if you are still seeing this type of issue on the windows server.
http://support.microsoft.com/kb/883389 -Dwayne Vidi Dwayne Vidi DBA / Network Systems Analyst III University of Florida Foundation, Inc. Email: [email protected] Voice: (352) 392-5916 From: Michael Baye [mailto:[email protected]] Sent: Sunday, February 27, 2011 6:46 AM To: Enterasys Customer Mailing List Subject: [enterasys] C4110 + problems with PEAP/MSCHAPv2 Hi, currently we are extending our Aruba based wireless controller based wireless lan with Enterasys C4110 controllers. We setup everything: users login in with user name (802.1x with MSCHAPv2/PEAP) Windows IAS with RADIUS server. This runs great with Aruba. All policies are also used for the enterasys controllers. So what´s the problem with them: - Within Windows XP/Vista/7, Ubuntu 10, after clicking the SSID I´m getting the popup to enter my credentials, i.e. username and password. This is happily forwarded to the RADIUs which is saying (reading the logs), that everything is ok. But then the popup for entering the credentials reappears instead of giving me network access. So, I enter the username/password again, RADIUS says ok, popup reappears, I enter the username/password again, RADIUS says ok, popup reappears, I enter the username/password again, RADIUS says ok, popup reappears, I enter the username/password again, RADIUS says ok, popup reappears,... endless. When I login into the C4110 and test the RADIUS server with the credentials, it says that they are accepted. But it doesn´t work with all the access points. Firmware is latest, btw. Perhaps someone knows where the problem is? Michael • --To unsubscribe from enterasys, send email to [email protected] with the body: unsubscribe enterasys [email protected] Documents made or received by anyone acting for or on behalf of the UF Foundation are confidential and exempt from F.S. 119.07(1) pursuant to F.S. 1004.28(5) and in accordance with the UF Foundation policy on confidentiality of Foundation documents. --- To unsubscribe from enterasys, send email to [email protected] with the body: unsubscribe enterasys [email protected]
