I have Cisco access points with just G radios running the following
version
Cisco IOS Software, C1200 Software (C1200-K9W7-M), Version
12.3(8)JEB1,
I have laptops running XP sp2 with all the patches that I could find
I’m using the Intel 3945abg wireless Adapters and the Proset/wireless
manager with the admin tool kit
I have 2 Cisco access points setup for primary and secondary WDS
I have a SSID setup to do WPA2-PEAP
I authenticate again Microsoft IAS and AD
In general it works except for the following
I will be doing machine authentication against IAS/AD when they boot up
and before the windows login prompt, which will be just like if they are
wired into our network. This way, group policy’s, at machine level will
get applied, network scans and etc can take place.
It works great if a device has never been connected to the network or
the time out flushes the cache authenticated/credentials from the WDS
access point. Or if you reapply the Intel Proset/wireless profile before
a reboot.
Otherwise if on the network and do a reboot and let it sit at the (wait
until credentials are flushed) windows login prompt and wait until you
can ping the device (ping device –t), the following is what you get on
the access point log. Windows does not support EAPOL-Stop or PEAP-Stop
because of denial of service attacks, which would solve this problem if
windows would issue these commands during a reboot.
The following is the logs from cisco access point if I just wait for
the flush timer
Dec 12 08:20:02.429 CST: %DOT11-6-DISASSOC: Interface Dot11Radio0,
Deauthenticating Station 0016.6fca.fb69 Reason: Sending station has left
the BSS
Dec 12 08:20:33.979 CST: %DOT11-7-AUTH_FAILED: Station 0016.6fca.fb69
Authentication failed
Dec 12 08:21:04.012 CST: %DOT11-7-AUTH_FAILED: Station 0016.6fca.fb69
Authentication failed
Dec 12 08:22:07.040 CST: %DOT11-7-AUTH_FAILED: Station 0016.6fca.fb69
Authentication failed
Dec 12 08:22:37.087 CST: %DOT11-7-AUTH_FAILED: Station 0016.6fca.fb69
Authentication failed
Dec 12 08:23:07.184 CST: %DOT11-7-AUTH_FAILED: Station 0016.6fca.fb69
Authentication failed
Dec 12 08:24:11.275 CST: %DOT11-6-ASSOC: Interface Dot11Radio0, Station
MACCESS14 0016.6fca.fb69 Associated KEY_MGMT[WPAv2]
-) Is there a reg key for Intel or Microsoft that will help in this
issue?
-) Is it a configuration problem?
-) is there even a way to fix this issue
------------------------------------------------------------------------
View this thread:
http://www.wirelessforums.org/showthread.php?t=34763
http://www.wirelessforums.org
Similar Threads
Linear Mode
