Cisco Cisco 5520 Wireless Controller Manual Técnica
External Web Authentication Using a RADIUS Server - Cisco Systems
http://kbase/paws/servlet/ViewFile/112134/external-web-radius-00.xml?convertPaths=1[9/28/2010 9:54:00 AM]
b. Make sure Admin Status for the WLAN is Enabled.
c. Make sure the Security Policy for the WLAN shows Web-Auth.
2. Click the
SECURITY menu from the WLC GUI.
a. Make sure Cisco Secure ACS (10.77.244.196) is listed on the page.
b. Make sure the Network User box is checked.
c. Make sure the Port is 1812 and that the Admin Status is Enabled.
Troubleshoot
clearly explains those reasons in detail.
Troubleshooting Commands
Note: Refer to
before you use these
debug commands.
Telnet into the WLC and issue these commands to troubleshoot authentication:
debug aaa all enable
Fri Sep 24 13:59:52 2010: 00:40:96:ac:dd:05 Successful transmission of Authentic
ation Packet (id 1) to 10.77.244.196:1812, proxy state 00:40:96:ac:dd:05-00:01
Fri Sep 24 13:59:52 2010: 00000000: 01 01 00 73 00 00 00 00 00 00 00 00 00 00 0
0 00 ...s............
Fri Sep 24 13:59:52 2010: 00000010: 00 00 00 00 01 07 75 73 65 72 31 02 12 93 c
3 66 ......user1....f
Fri Sep 24 13:59:52 2010: 00000030: 75 73 65 72 31
user1
Fri Sep 24 13:59:52 2010: ****Enter processIncomingMessages: response code=2
Fri Sep 24 13:59:52 2010: ****Enter processRadiusResponse: response code=2
Fri Sep 24 13:59:52 2010: 00:40:96:ac:dd:05 Access-Accept received from RADIUS s
erver 10.77.244.196 for mobile 00:40:96:ac:dd:05 receiveId = 0
Fri Sep 24 13:59:52 2010: AuthorizationResponse: 0x12238db0
Fri Sep 24 13:59:52 2010: structureSize................................89
Fri Sep 24 13:59:52 2010: resultCode...................................0
Fri Sep 24 13:59:52 2010: protocolUsed.................................0x0
0000001
Fri Sep 24 13:59:52 2010: proxyState...................................00:
40:96:AC:DD:05-00:00
Fri Sep 24 13:59:52 2010: Packet contains 2 AVPs:
Fri Sep 24 13:59:52 2010: AVP[01] Framed-IP-Address...................
.....0xffffffff (-1) (4 bytes)
Fri Sep 24 13:59:52 2010: AVP[02] Class...............................
ation Packet (id 1) to 10.77.244.196:1812, proxy state 00:40:96:ac:dd:05-00:01
Fri Sep 24 13:59:52 2010: 00000000: 01 01 00 73 00 00 00 00 00 00 00 00 00 00 0
0 00 ...s............
Fri Sep 24 13:59:52 2010: 00000010: 00 00 00 00 01 07 75 73 65 72 31 02 12 93 c
3 66 ......user1....f
Fri Sep 24 13:59:52 2010: 00000030: 75 73 65 72 31
user1
Fri Sep 24 13:59:52 2010: ****Enter processIncomingMessages: response code=2
Fri Sep 24 13:59:52 2010: ****Enter processRadiusResponse: response code=2
Fri Sep 24 13:59:52 2010: 00:40:96:ac:dd:05 Access-Accept received from RADIUS s
erver 10.77.244.196 for mobile 00:40:96:ac:dd:05 receiveId = 0
Fri Sep 24 13:59:52 2010: AuthorizationResponse: 0x12238db0
Fri Sep 24 13:59:52 2010: structureSize................................89
Fri Sep 24 13:59:52 2010: resultCode...................................0
Fri Sep 24 13:59:52 2010: protocolUsed.................................0x0
0000001
Fri Sep 24 13:59:52 2010: proxyState...................................00:
40:96:AC:DD:05-00:00
Fri Sep 24 13:59:52 2010: Packet contains 2 AVPs:
Fri Sep 24 13:59:52 2010: AVP[01] Framed-IP-Address...................
.....0xffffffff (-1) (4 bytes)
Fri Sep 24 13:59:52 2010: AVP[02] Class...............................