Hi all,
I have been trying to setup my Cisco 871 W router to use LEAP authentication. I am following Cisco's instructions and I haven't added anything else to my config. Each time the wireless client is able to authenticate and associate but is unable to get an IP address. I am pretty sure that's the only problem, because when I assign the wireless client an IP address manually, it works. I have also tried using no authentication and WEP only ssid before, and it results in the same thing.
Thanks in advance! Lorraine
The Cisco instructions I am following:
Building configuration...
Current configuration : 5584 bytes ! version 12.4 no service pad service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname yourname ! boot-start-marker boot-end-marker ! logging buffered 51200 warnings ! aaa new-model ! ! aaa group server radius rad_eap server 10.10.10.1 auth-port 1812 acct-port 1813 ! aaa authentication login eap_methods group rad_eap
aaa session-id common ! resource policy ! ip cef no ip dhcp use vrf connected ip dhcp excluded-address 10.10.10.1 10.10.10.9 ip dhcp excluded-address 10.10.10.14 10.10.10.254 ip dhcp excluded-address 10.10.10.9 255.255.255.248 ip dhcp excluded-address 10.10.10.9 ! ip dhcp pool sdm-pool import all network 10.10.10.0 255.255.255.248 default-router 10.10.10.1 lease 0 2 ! ip dhcp pool wireless-pool import all network 10.10.10.8 255.255.255.248 dns-server 206.13.29.12 206.13.30.12 default-router 10.10.10.9 ! ! no ip domain lookup ip domain name yourdomain.com ! ! crypto pki trustpoint TP-self-signed-3497546131 enrollment selfsigned subject-name cn=IOS-Self-Signed-Certificate-3497546131 revocation-check none rsakeypair TP-self-signed-3497546131 ! ! crypto pki certificate chain TP-self-signed-3497546131 certificate self-signed 01 3[cert stuff] quit username [username] privilege 15 secret 5 [secret] ! ! ! bridge irb ! ! ! interface FastEthernet0
interface FastEthernet1 ! interface FastEthernet2 ! interface FastEthernet3 ! interface FastEthernet4 no ip address shutdown duplex auto speed auto ! interface Dot11Radio0 no ip address ! encryption key 1 size 128bit 0 [wep] transmit-key encryption mode wep mandatory ! ssid VestaraLeapNet authentication open eap eap_methods authentication network-eap eap_methods ! speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0
36.0 48.0 54.0 station-role root bridge-group 1 bridge-group 1 subscriber-loop-control bridge-group 1 spanning-disabled bridge-group 1 block-unknown-source no bridge-group 1 source-learning no bridge-group 1 unicast-flooding ! interface Vlan1 description $ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$ ip address 10.10.10.1 255.255.255.248 ip tcp adjust-mss 1452 ! interface BVI1 ip address 10.10.10.9 255.255.255.248 ! ip route 10.10.10.8 255.255.255.248 BVI1 ! ip http server ip http authentication local ip http secure-server ip http timeout-policy idle 60 life 86400 requests 10000 ! no cdp run ! ! radius-server local nas 10.10.10.1 key 0 cisco user someuser nthash 7 [password] ! radius-server host 10.10.10.1 auth-port 1812 acct-port 1813 key cisco ! control-plane ! bridge 1 protocol ieee bridge 1 route ip banner login ^C [banner stuff] ^Cline con 0 no modem enable line aux 0 line vty 0 4 privilege level 15 transport input telnet ssh ! scheduler max-task-time 5000 end