We have an intermittent LWAPP LEAP authentication problem. Does any of the errors below ring any bells with anyone? The application is Vocera (VOIP) authenticating using LEAP. Below is a summary. =============================================================================== The ACS DLL error is a new one, I think it might be the key. Same story, it starts and doesn't stop and all the controllers report the same error. ================================================================================ Here is the error that is occurring on the Controller.
Tue Aug 28 14:17:24 2007 RADIUS server 10.64.2.20:1812 failed to respond to request (ID 125) for client 00:09:ef:02:5f:73 / user 'unknown'
Tue Aug 28 14:17:24 2007 RADIUS server 10.64.2.20:1812 failed to respond to request (ID 124) for client 00:09:ef:02:67:db / user 'unknown' =================================================================================
Here is the error we see in the ACS error logs.
08/28/2007 14:03:40 Authen failed xxxxxx BHS_WAP 00-09-EF-02-63-5E (Default) Radius extension DLL rejected user ================================================================================ Here is an explaination of the error.RADIUS Extension DLL Rejected User Error
Condition
LEAP authentication fails. The error Radius extension DLL rejected user appears in the Failed Attempts log.
Action
To verify configured authentication type:
--------------------------------------------------------------------------------
Step 1 Verify that the correct authentication type has been set on the Access Point. Be certain that, at a minimum, you checked the Network- EAP check box.
Step 2 If you are using an external user database for authentication, verify that ACS supports the database. For information on the external databases that ACS supports, see User Databases, in the User Guide for Cisco Secure Access Control Server. =================================================================================
Does this ring any bells? Are we missing an obvious setting?