Cisco Cisco Aironet 1552WU Outdoor Access Point 릴리즈 노트
18
Release Notes for Cisco Aironet Access Points and Bridges for Cisco IOS Release 15.2(2)JB
OL-28357-01
Important Notes
Non-Cisco Aironet Clients Sometimes Fail 802.1X Authentication
Some non-Cisco Aironet client adapters do not perform 802.1X authentication to the access point unless
you configure Open authentication with EAP. To allow both Cisco Aironet clients using LEAP and
non-Cisco Aironet clients using LEAP to associate using the same SSID, you might need to configure
the SSID for both Network EAP authentication and Open authentication with EAP.
you configure Open authentication with EAP. To allow both Cisco Aironet clients using LEAP and
non-Cisco Aironet clients using LEAP to associate using the same SSID, you might need to configure
the SSID for both Network EAP authentication and Open authentication with EAP.
Pings and Link Tests Sometimes Fail to Clients with Both Wired and Wireless
Network Connections
Network Connections
When you ping or run a link test from an access point to a client device installed in a PC running
Microsoft Windows 2000, the ping or link test sometimes fails when the client has both wired and
wireless connections to the LAN. Microsoft does not recommend this configuration. For more
information, refer to Microsoft Knowledge Base article 157025 at this URL:
Microsoft Windows 2000, the ping or link test sometimes fails when the client has both wired and
wireless connections to the LAN. Microsoft does not recommend this configuration. For more
information, refer to Microsoft Knowledge Base article 157025 at this URL:
Layer 3 Mobility Not Supported on Repeaters and Workgroup Bridges
Repeater access points and workgroup bridges cannot associate to an SSID that is configured for Layer
3 mobility. Layer 3 mobility is not supported on repeaters and workgroup bridges.
3 mobility. Layer 3 mobility is not supported on repeaters and workgroup bridges.
Hardware Limitation in Cisco Aironet 1250 and 1140 Series Access Points
The beacons on the Cisco Aironet 1250 and 1140 access points can only have output at intervals that are
multiples of 17 milliseconds. When these access points are configured for a 100-millisecond beacon
interval, they transmit beacons every 102 milliseconds. Similarly, when the beacon interval is configured
for 20 milliseconds, these access points transmit beacons every 17 milliseconds.
multiples of 17 milliseconds. When these access points are configured for a 100-millisecond beacon
interval, they transmit beacons every 102 milliseconds. Similarly, when the beacon interval is configured
for 20 milliseconds, these access points transmit beacons every 17 milliseconds.
Potential RFC 3748 Violation
When the following command is configured under the SSID settings (for LEAP authentication):
authentication client username <WORD> password [0 | 7] <LINE>
if the first access-challenge returned by the Radius server after the access-request from the access point
is not for the LEAP method but for EAP-MD5, the access point violates RFC 3748.
is not for the LEAP method but for EAP-MD5, the access point violates RFC 3748.
Instead of sending an EAP NAK requesting LEAP authentication, the access point sends the user's
credentials with EAP-MD5 and drops the derived keys, since it cannot read the EAP-MD5 from the
access-accept.
credentials with EAP-MD5 and drops the derived keys, since it cannot read the EAP-MD5 from the
access-accept.
This violates RFC 3748.
The workaround for this is to use the commands
dot1x credentials
and
dot1x eap profile
for LEAP
authentication.
For configuration procedures, see the Cisco IOS Software Configuration Guide for Cisco Aironet Access
Points.
Points.