(Additional Infor) Re: (RADIATOR) RADIATOR RADIUS for Cisco AP 350

Bon sy bon at bunny.cs.qc.edu
Mon Nov 11 09:52:18 CST 2002 

Hi Huge and others,

	Here is the additional information about the setup on the Cisco
side and the test conducted so far:

I have followed the instruction in the security setup documentation. But I
have not been able to do even just the basic MAC address
authentication. The setup in the Cisco side, according to the
documentation, is as followed:

1.(Setup -> Address Filter) I have set "yes" to select  the option called
Lookup MAC Address on Authentication Server if not in Existing Filter
List. With this option enabled. I have also entered the MAC address of the
AP in the "Allowed" addresses list.

2. (setup -> security -> authentication server) I have entered the IP,
shared secret, and port # for the RADIUS, and checked "MAC address
authentication" (and selected "draft 10").

3. (setup -> security -> Radio WEP) I have set "Optional" in the "Use of
Data Encryption by the station", and checked "Open" and "Shared" in the
"Accept Authentication Type", with all other options (including require
EAP) unchecked. I have also set up a 128-bit WEP key with default
"Transmit with key".

4.  (setup -> AP radio -> advanced Primary SSID setup) I set
"Disallowed" for  Default Unicast Address Filter corresponding to (Accept
Authentication Type) "Open" and "Shared".


After saving all the settings, I tested it using a Symbol card on a
Pocket PC (CE OS). It authenticates successfully on the RADIATOR with APs
of other vendors. I also see the packets of RADIUS protocol sent to RADIUS
when I monitored using Ethereal. 

But when I tested it on Cisco AP 350 and monitored using Ethereal, I did
not see the Cisco AP 350 sends out any packets with RADIUS protocol to the
RADIUS.

Can anyone help and offer insights into what I might have missed. Many
thanks in advance!

Bon



On Mon, 11 Nov 2002, Bon sy wrote:

> Hi Huge and others,
> 
> 	Anyone in the list has ever tried to set up RADIATOR to work with
> Cisco AP 350/352. The system and radio firmware versions are 12.00T and
> 5.02B respectively. 
> 
> 	I started with very basic "MAC authentication" (under
> setup -> security -> authentication server). But the RADIATOR does not
> seem to pick up. The configuration that I added to the RADIATOR config
> file is just simply 
> 
> <Client 192.123.168.101>
>    secret SharedSecret
>    DupInterval 0
> </client>
> 
> 	As a side note, the same RADIATOR config file works for Orinoco
> AP-500 and AP-1000, but not for Cisco Ap 350. I wonder anyone in the list
> can shed lights on the proper settings on the side of the Cisco AP 350
> that I should start checking. 
> 
> 	Many thanks in advance!
> 
> Bon
> 
> 
> 
> ===
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.
> 

===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.

More information about the radiator mailing list