Anyone can help me please?
Thanks, Antonio
on 30/03/2006 17.39 Antonio Matera said the following:
hi,
ok, now the authentication request works (the problem was that if I
restart the AP I lost this configuration. How can I save it using the
web configuration?)
Now the log is the following:
hi,
ok, now the authentication request works (the problem was that if I
restart the AP I lost this configuration. How can I save it using the
web configuration?)
Now the log is the following:
rad_recv: Access-Request packet from host 192.168.9.104:1645, id=19,
length=166
User-Name =
--On 30 March 2006 09:56 +0200 Antonio Matera
<[EMAIL PROTECTED]> wrote:
In my log after the MAC address there isn't any information on the SSID.
In the log i haven't information on the SSID but in my aP
configuration I have the radius-server vsa send accounting:
Hi to all,
I have modified my users file:
user1 Auth-Type := EAP,
Cisco-AVPair := "ssid=SSID1"
Tunnel-Medium-Type = IEEE-802,
Tunnel-Private-Group-Id = 2,
Tunnel-Type = VLAN
user2 Auth-Type := EAP,
Cisco-AVPair := "ssid=SSID2"
Tunnel-Med
Antonio Matera <[EMAIL PROTECTED]> wrote:
> the authentication works fine but , for example, if I connect the WinXP
> client on the SSID1 with the certificate user of the VLAN2, I have this
> situation:
> The client is connected to the VLAN2 but the SSID of the wireless
> connection is SSID1.
Hi Antonio,
If you're using the Cisco-AVPair as a check item, it *must* be on the
first line of the user entry. e.g.
user1Auth-Type := EAP, Cisco-AVPair := "ssid=SSID1"
... reply items here, one per line...
If you want to configure it as a reply item, it should be...
Cisco-AVPair = "ssid=SS
Hallo,
now I have the users configured as follow:
user1Auth-Type := EAP
Cisco-AVPair := "ssid=SSID1",
Tunnel-Medium-Type = IEEE-802,
Tunnel-Private-Group-Id = 2,
Tunnel-Type = VLAN
user2Auth-Type := EAP
Cisco-AVPair := "ssid=SSID2",
The Cisco-AVPair mechanism is a mutation of the standard VSA mechanism. Cisco
uses a single Vendor ID but wanted to use many VSAs. The limit with a
single Vendor ID is 255 (IIRC).
So, Cisco's Vendor Specific Attribute number 1 is "Cisco-AVPair".
They then create "sub-VSAs" within that VSA using
--On Wednesday, March 29, 2006 12:20:57 +0200 Antonio Matera
<[EMAIL PROTECTED]> wrote:
Hallo, thanks for the replies.
If I insert only the Cisco-AVPair attribute, it doesn't work...
Now I try the "radius-server vsa send authentication" command...
It is a AP console command? It is possible
Hallo, thanks for the replies.
If I insert only the Cisco-AVPair attribute, it doesn't work...
Now I try the "radius-server vsa send authentication" command...
It is a AP console command? It is possible to set this command from the
AP web interface?
I haven't experience with the console settin
--On Wednesday, March 29, 2006 09:11:13 +0100 Guy Davies
<[EMAIL PROTECTED]> wrote:
You *may* need to change them from being check attributes to reply
attributes if your AP doesn't actually send those attributes with an
Access-Request. In that case, you send the Cisco-AVPair =
"SSID=SSIDn"
Yes, just use the Cisco AV Pair to say
user1 Auth-Type := EAP, Cisco-AVPair := "SSID=SSID1"
user2 Auth-Type := EAP, Cisco-AVPair := "SSID=SSID2"
That would force user1 to only associate to SSID1 and user2 to only
associate to SSID2.
You *may* need to change them from being check attributes to
Hallo,
I have a problem with the authentication on different VLAN.
I write for you my example:
I have two VLAN (VLAN1 and VLAN2) conneccted to two SSID (SSID1 and
SSID2) on my Cisco 1200 AP. I have the same authentication on both
connection (EAP-TLS).
In my users file I have two user:
user1
13 matches
Mail list logo