Dot1x authentication between the iMC and Microsoft AD (LDAP) failed

2022-09-19 22:04:31 Published

Network Topology

Topo:



Problem Description

The LDAP server returns an error message and the iMC page displays the following error message:


Process Analysis

1. The customer uses non-EIA embedded certificates with wireless networking and does not use the iNode client.

2. The MS-CHAPv2 configuration is incorrect.


Solution

1. Import a certificate or use the embedded certificate. Note the validity period of the certificate if you use an EIA move-in certificate.


2. Configure the MS-CHAPv2 authentication parameters.





3. Obtain and execute the VBS script for changing the computer password. You need to import the script into the LDAP server and modify the execution.



4. AC key configurations:

#
wlan service-template wlan2
 ssid wlan2
 vlan 101
 akm mode dot1x
 cipher-suite ccmp
 security-ie rsn
 client-security authentication-mode dot1x
 dot1x domain cert
 service-template enable
#
radius scheme test
 primary authentication 10.67.132.200
 primary accounting 10.67.132.200
 secondary authentication 10.67.132.201
 secondary accounting 10.67.132.201
 key authentication cipher $c$3$/21VqAltu/cIxC4a2OUcijYP8jjqPnqACw==
 key accounting cipher $c$3$o1ZpSJOZAtWkJl21TCuyOv4k5q2U4ixPJw==
 nas-ip 10.67.132.202
#
domain cert
 authentication lan-access radius-scheme test
 authorization lan-access radius-scheme test
 accounting lan-access radius-scheme test
#
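In the AC configuration above, the service template's "dot1x domain" has to name a defined domain, and that domain's lan-access lines have to name a defined RADIUS scheme with a server. The Python check below is an added example, not part of the original case or any H3C tool; the function names are hypothetical and the sample is a constructed, trimmed copy of the configuration above.

```python
import re

# Constructed sample: trimmed copy of the page's AC configuration (keys omitted).
SAMPLE = """\
#
wlan service-template wlan2
 dot1x domain cert
#
radius scheme test
 primary authentication 10.67.132.200
#
domain cert
 authentication lan-access radius-scheme test
 authorization lan-access radius-scheme test
 accounting lan-access radius-scheme test
#
"""

def parse_sections(text):
    """Map each unindented header line to its indented sub-commands."""
    sections, current = {}, None
    for line in filter(str.strip, text.splitlines()):   # skip blank lines
        if line.strip() == "#":
            current = None                               # '#' closes a section
        elif not line.startswith(" "):
            current = sections.setdefault(line.strip(), [])
        elif current is not None:
            current.append(line.strip())
    return sections

def check_dot1x_chain(text):
    """Return the broken links from service template to RADIUS scheme."""
    sec, problems = parse_sections(text), []
    for header, body in sec.items():
        if not header.startswith("wlan service-template "):
            continue
        tpl = header.split()[-1]
        doms = [c.split()[-1] for c in body if c.startswith("dot1x domain ")]
        if not doms:
            problems.append(f"{tpl}: no dot1x domain bound")
        for dom in doms:
            if f"domain {dom}" not in sec:
                problems.append(f"{tpl}: domain {dom} not defined")
            for cmd in sec.get(f"domain {dom}", []):
                m = re.match(r"(\w+) lan-access radius-scheme (\S+)", cmd)
                servers = sec.get(f"radius scheme {m[2]}", []) if m else []
                if m and not any(s.startswith("primary ") for s in servers):
                    problems.append(f"{dom}: {m[1]} scheme {m[2]} has no primary server")
    return problems
```

An empty list means every reference resolves; each string in the result names the first missing link for that template or domain.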

