Cisco 1200 AP
I have configured a Cisco 1200 AP for WPA2-PSK which is working with a wireless device able to connect OK. I have tried to add MAC authentication using the FreeRadius server, but have not been able to get it working. I can see from the FreeRadius log that the AP is sending the Access-Request packet and an Access-Accept response is being returned but the wireless device is unable to connect. Has anyone setup this configuration and got it working? Regards, John - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Cisco 1200 AP
Hi, 1200 AP is running c1200-k9w7-mx.123-8.JEB1 -- John Julian Stöver wrote: Hello, which firmware version? bye julian Am 05.02.2008 um 17:05 schrieb John Melton: I have configured a Cisco 1200 AP for WPA2-PSK which is working with a wireless device able to connect OK. I have tried to add MAC authentication using the FreeRadius server, but have not been able to get it working. I can see from the FreeRadius log that the AP is sending the Access-Request packet and an Access-Accept response is being returned but the wireless device is unable to connect. Has anyone setup this configuration and got it working? Regards, John - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: freeradius v.2.0.1 and Cisco 1200AP IOS V.12.3
I have found a Cisco document (FAQ-Wireless-Security.pdf) with the following statement: Q. Why does MAC authentication not work with Wi−Fi Protected Access (WPA) in Cisco IOS Software Release 12.3(8)JA2? A. The only level of security for MAC authentication is to check the MAC address of the client against a list of permitted MAC addresses. This is considered very weak. In earlier Cisco IOS Software releases, you could configure MAC authentication and WPA to encrypt the information. But because WPA itself has a MAC address that checks, Cisco decided not to allow this type of configuration in later Cisco IOS Software releases and decided only to improve security features. Regards, John On 5 Feb 2008, at 20:04, [EMAIL PROTECTED] wrote: Hi, When installing FreeRadius 2.0.1, the only thing you should need is to add this to /etc/raddb/users usernameCleartext-Password := thepassword ..and the clients file (and maybe even the firewall on the server! ;-) ) so that the AP acting as a NAS can talk to FR :-) ...and it should work. If it doesn't, by far the most likely explanation is that you have the Cisco AP configured incorrectly; you will need to examine the Cisco documentation, this is not a Cisco support list. agreed. alan - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html