First - does the 1121 connect and repeat traffic properly without security enabled? Please verify that first. For the 1121 client config, what form of authentication are you using - LEAP, EAP-FAST, or EAP-TLS? Those are the only three types that the APs can use as clients. Also, are you using WDS?
Jason Boyers, CCIE #26024 (Wireless) Blog: netboyers.wordpress.com On Mon, Nov 19, 2012 at 12:19 PM, Kumar Gollapudi <[email protected]>wrote: > Hi Jason, > > Sorry, I didn't configured any extra config on 1121 to authenticate with > 1142.*(Also, your configuration doesn't show how the 1121 is actually > sending credentials to the 1142)*. > > Could you help me with the config what to be configured to authencticate > with Root device. > > Thanks > Kumar G > > > On Mon, Nov 19, 2012 at 10:35 PM, Jason Boyers <[email protected]> wrote: > >> The parent should never be a BVI - only radios can be parents. Also, >> have you tried to associate without using encryption and without the >> mac-list on the 1142? That is always the first step - get the association >> to work, then add security to that. Otherwise, you run into the issue of >> not knowing what is causing the problem - the wireless component or the >> security component. Also, your configuration doesn't show how the 1121 is >> actually sending credentials to the 1142. That needs to be configured, and >> the configuration will depend on the EAP type used. >> >> Jason Boyers, CCIE #26024 (Wireless) >> Blog: netboyers.wordpress.com >> >> >> On Mon, Nov 19, 2012 at 9:19 AM, Kumar Gollapudi <[email protected]>wrote: >> >>> Hi, >>> >>> There is a challenge in configuring Cisco Access Point 1121 into >>> Repeater Mode with Root Station AP 1142. The Root station has two Radio's 0 >>> & 1 (2.4 Ghz & 5.Ghz). We configurfed to associate the Cisco AP 1121 on >>> both Radio Stations & BVI1. But its trying to assoicate with 1142 with lot >>> of error's. >>> >>> '%DOT11-4-CANT_ASSOC: Interface Dot11Radio0, cannot associate: Not >>> specified parent >>> >>> %DOT11-4-CANT_ASSOC: Interface Dot11Radio0, cannot associate: No Response >>> >>> %DOT11-4-CANT_ASSOC: Interface Dot11Radio0, cannot associate: Rcvd >>> response from >>> >>> Actually the Root Stations has been configured with MAC & AD based >>> authenticatoin to associate the client devices(laptops). Looking for your >>> valuable suggestions on the issue. >>> >>> >>> >>> >>> >>> *On Root Station: (Standalone Cisco 1142 Access Point)* >>> >>> >>> >>> dot11 ssid AC-CORP-WIFI-IND >>> >>> authentication open eap eap_methods1 >>> >>> authentication network-eap eap_methods1 >>> >>> authentication key-management wpa >>> >>> >>> >>> interface Dot11Radio0 >>> >>> no ip address >>> >>> no ip route-cache >>> >>> ! >>> >>> encryption mode ciphers aes-ccm >>> >>> ! >>> >>> ssid XXXXXXX >>> >>> ! >>> >>> speed basic-1.0 2.0 5.5 6.0 9.0 11.0 12.0 18.0 24.0 36.0 48.0 54.0 >>> >>> station-role root >>> >>> dot1x reauth-period 3 >>> >>> bridge-group 1 >>> >>> bridge-group 1 subscriber-loop-control >>> >>> bridge-group 1 block-unknown-source >>> >>> no bridge-group 1 source-learning >>> >>> no bridge-group 1 unicast-flooding >>> >>> bridge-group 1 spanning-disabled >>> >>> >>> >>> dot11 association mac-list xxxx >>> >>> ip radius source-interface BVI1 >>> >>> >>> >>> >>> >>> *On Repeater Device: (Cisco Access 1121) >>> * >>> >>> >>> >>> dot11 ssid XXXXXXXXXX >>> >>> authentication open eap eap_methods1 >>> >>> authentication network-eap eap_methods1 >>> >>> authentication key-management wpa >>> >>> infrastructure-ssid optional >>> >>> >>> >>> >>> >>> >>> >>> >>> >>> interface Dot11Radio0 >>> >>> no ip address >>> >>> no ip route-cache >>> >>> ! >>> >>> encryption mode ciphers aes-ccm >>> >>> ! >>> >>> ssid AC-CORP-WIFI-IND >>> >>> ! >>> >>> speed basic-1.0 2.0 5.5 6.0 9.0 11.0 12.0 18.0 24.0 36.0 48.0 54.0 >>> >>> station-role repeater >>> >>> dot1x reauth-period 3 >>> >>> parent 1 xxxx.xxxx.xxxx (BVI1) >>> >>> parent 2 xxxx.xxxx.xxxx (Dot11Radio0) >>> >>> parent 3 xxxx.xxxx.xxxx (Dot11Radio1) >>> >>> bridge-group 1 >>> >>> bridge-group 1 subscriber-loop-control >>> >>> bridge-group 1 block-unknown-source >>> >>> no bridge-group 1 source-learning >>> >>> no bridge-group 1 unicast-flooding >>> >>> bridge-group 1 spanning-disabled >>> Thanks >>> Kumar G >>> >>> >>> _______________________________________________ >>> For more information regarding industry leading CCIE Lab training, >>> please visit www.ipexpert.com >>> >>> Are you a CCNP or CCIE and looking for a job? Check out >>> www.PlatinumPlacement.com >>> >>> >> >
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com
