I honestly don't know, but I'd love to find out.
Three things I can think of to try...
1) You should be able to specify a vlan for your cypher suite, something like this " encryption vlan mode 90 mode ciphers wep128" You might see if that makes any difference
2) You could try using "encryption mode web mandatory" instead of ciphers.
3) You could try upgrading to the latest IOS version for your AP, and/or open a TAC case.
On May 24, 2004, at 1:55 PM, Chris Bshaw wrote:
Hi Bob....
Config attached.
Also, I should mention the config of the client. I am using a NetGear WG511 802.11g card. I don't have any security features enabled on the utility which comes with the WG511 (no WEP, WPA etc) and there are no options for EAP on this utility.....
I enabled all the EAP stuff via the Authentication tab on the Properties of the interface under Start -> Network and Dialup connections in Windoze.
Under there I have the following set:
Enable network control using IEEE 802.1x
EAP Type: Smart Card or other Certificate
Use a certificate on this computer
....and I select the certificate generated on my freeradius server. This is more or less what is described under http://www.freeradius.org/doc/EAPTLS.pdf.
There is a method in this doc for debugging EAP on the Cisco AP, which I had not noticed before.....I'll try this tomorrow.
Finally, just in case you might not remember from my previous emails, I was (and I think still am) able to see EAPOL packets on my wireless client when I ran ethereal on the wireless interface.
Thanx in advance for your help.
Chris.
_________________________________________________________________
The new MSN 8: smart spam protection and 2 months FREE* http://join.msn.com/?page=features/junkmail
<ap-confg>
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
