Funny, I also ran into a bug with 7921 and WLC4400 with Local EAP and EAP-FAST.
It worked on one AP (yeah wpa tkip and CCKM) but when roaming WLC returned error log "user anonymous failed authentication" Got a bugID after filing a TAC Case. It was code 5.x if I remember correctly. WLC seems to be trying to cache the outer identity "anonymous" user but not the correct inner one. But I am not sure. I am soon going to do a extensive test with 7920 and 7921 phones on WLC and see if I can fit this one in. regards. Kristjan ---------------------------------------------------------------------- Message: 1 Date: Thu, 26 May 2011 15:58:01 +1000 From: Leigh Jewell <[email protected]> To: [email protected] Subject: [OSL | CCIE_Wireless] Workbook1: Lab 8.3 Phone Security Message-ID: <[email protected]> Content-Type: text/plain; charset="windows-1252" In the solution guide for configuring local-eap for 7920's you reference a bug CSCsj11323. I did a bit of reading and according to the release notes<http://www.cisco.com/en/US/partner/docs/wireless/controller/release/notes/crn411810.html>this bug was fixed in v4.1.181 *Resolved* CSCsj11323?The 7920 phone fails EAP-FAST authentication when using local EAP authentication on the controller. So I am proposing that given the lab version is 4.2 we don't need to be concerned and local-eap with eap-fast for 7920's is in fact ok. Thoughts ? Regards, Leigh. -- CCIE Blog - http://leigh-cciewireless.blogspot.com/ -------------- next part -------------- An HTML attachment was scrubbed... URL: </archives/ccie_wireless/attachments/20110526/426f3ec4/attachment-0001.html> ------------------------------ ------------------------------ Message: 3 Date: Thu, 26 May 2011 09:32:42 -0400 From: Jason Boyers <[email protected]> To: Leigh Jewell <[email protected]> Cc: [email protected] Subject: Re: [OSL | CCIE_Wireless] Workbook1: Lab 8.3 Phone Security Message-ID: <[email protected]> Content-Type: text/plain; charset="windows-1252" Interesting. The Bug Toolkit notes don't list a fixed version, so I was going with that. I'll need to lab it up! Jason Boyers - CCIE #26024 (Wireless) Technical Instructor - IPexpert, Inc. Mailto: *[email protected] * _______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com
