MAC filter via ACS for SSID using WPA2 PSK

I HAV a SSID using WPA2/PSK for the safety of the L2. I would like to add filters mac via an external radius server. I just finished the configuration of the mac via external RADIUS Filter, but it does not work. PSK is supported with an external filter MAC? I am running the latest 6.X on the controller

I came across this problem on a controller of 5508 using v6.0 - something (6.0.182 I think). Turns out be a fixed a bug (CSCta53985) in 6.0.188. Updated to 6.0.188 and used successfully ACS 5.1 for MAC filter with WPA2 PSK SSID.

See the 6.0.188 release notes http://www.cisco.com/en/US/docs/wireless/controller/release/notes/crn6_0_188.html#wp605409

Tags: Cisco Wireless

Similar Questions

  • Computer connect using wpa2-psk, but wifi error detected every 20 seconds.

    I have xp sp3 and belkin F7d4101 game adapter, I can connect using wpa2-psk, but wifi protected setup will work not (error found). If I can't use wifi how it stop coming every 20 seconds.

    Also the adapter can't access all of my computer or the command prompt. I get to connection 17, bulbs work but the wifi light flashes. (2 lights).

    Any help I can get I would be gratefull.

    I do not have a web cam, I figured out that in the House use a different configuration. It won't work.

    I'm connected because I answer, the adapter, I can't see what about that, I have it plugged into the usb port and it works. I'll try to delete everything on it and start again, but I can't access it from the command prompt or windows workstation.
    I fixed the wifi window to come every 20 sec with user profile Hive Cleaner and windows zero CONF. fix, I do not know who did the trick but it closed the window boring and stopped my wireless to modify different config (or earlier).

  • Old laptop has only WEP in the drop-down list of options wifi, I need to do using WPA2-PSK. How to do it?

    It's an old Toshiba laptop Satellite Pro M10 with an Intel PRO/wireless LAN 2100 3B Mini PCI adapt (whatever that means!), I did all the updates of Windows, but when I try and establish a connection wifi encryption options of data only from the drop-down are 'disabled' and 'WEP '.

    I checked on the Toshiba site and downloaded the latest wifi and internet updates, I even tried Intel Update site, but they have nothing appropriate (something to do with Toshiba, make changes to drivers for Intel do not offer updates).

    It connects to the internet without problem if I use a cable, but it's not really practical, wifi would be much better.

    Can anyone suggest something to make my laptop use/recognize the WPA2-PSK?

    Thank you very much

    I talked to Toshiba, very nice chap called Daniel spent 30 minutes on the phone and found a very old and apparently obscure update for me to download. Once this has been done the phone was able to connect to the router WPA2-PSK using WEP. Not too sure exactly what the update does but at least it will now connect to modern wi - fi, even if it is only at 11 Mbit / s. apparently, it's as much as the material can handle!

  • WRT610N & ext HD via USB (for the use of NAS)-can not move files to the external

    Linksys WRT610N v1
    -Firmware Version: 1.00.03 B15 (updated about a month ago)

    Western Digital My Book Mirror Edition 2 TB model # WDH2U20000
    - http://www.wdc.com/en/products/products.asp?driveid=466
    -NTFS,
    -mapped with my M: drive, and
    -named WD 2 TB-MIRROR.

    HP laptop (Windows 7 Professional 32-bit)
    -normally wireless, but currently hard connected via Cat-5 Ethernet cable.
    -That is the only computer at home and I'm (of course) the admin ".»

    While I'm the 'computer' guy for family and friends, I turned in the novice because of this; I'm lost and feel beaten.  Please be as complete as possible with instructions/answers.  Guess I'm a noob.

    My plan is to use the WD external hard drive as a backup of my files and run the music/movies, etc out of it to my TV installation / audio salon through my Playstation3 or whatever.  My problem is simply to obtain the files copied to the external hard drive.  And being that this is a fairly simple HDD, I think that the issue could be with the USB (SIN) / configuration of the connection through the router.  That, or maybe there are authorization implementation issues.  I know that the HD has a setting for the mode 'sleep' - I did get to a point where I can adjust.  Anyway, I was able to get a record created but nothing to copy.  Then, I was (finally) able to delete the folder, etc..  I don't know if I'm missing some configuration/installation or if the scenario is just climbing.

    And for those of you who know software MioNet and/or WD Anywhere Backup provided with outside, I have installed the software on my computer laptop but has not been signed by all accounts and do not use them.  So I think that they are not a factor.  Just thought I would include this info just in case it is important.

    Here are several screenshots which can help you diagnose my problem:

    On the router configuration page, rather than share the public folder, share the whole score. Once done, on the computer, map the drive and check.

  • What hp printers use wpa2-psk (aes)

    You will have to update my HP printer. New router wants to use the newer wpa - psk (aes), want to buy HP even. Don't see this info on any of the descriptions of the newer printers. Help.

    Hello and welcome to the HP support community!

    WPA - psk (TKIP or AES) is pretty standard these days.  Looking at my years OfficeJet Pro 8600 he supports this method and easy is the way in which I connected to my home network.

    We just installed a more recent 8610 at the office, and he had no problem with the wpa/wpa2 encryption scheme either!

    I think that you will be safe with any current HP printer that offers wireless connectivity.

    WyreNut

  • MAC filter list giving problems on EA6500 with bridge

    Hello

    installed a router EA6500 and WUMC710 bridge.

    I tried using the MAC filter option and included all my wireless devices, including the WUMC710 bridges.  The MAC filter works great for wireless computers and smart phones.

    It also works for bridges, the bridge is accessible from the network and can be opened for installation.  However, all devices connected to the bridge are considered to be wireless devices.  No, problem, can live with that.  For example, included the MAC addresses of these devices (Media Player, desktop,...).

    Even when I've included these devices, attached to bridges, they cannot access the network or accessed via the network.  For some reason, the router seems to make a difference between wireless devices, directly attached to the router and devices are connected to the WUMC710 bridge.

    When I do not use the MAC filter, the devices work properly.

    With my old router / bridge configuration, I never knew that the devices connected to the bridge where the as wireless devices.

    Someone at - it experience with this problem?  Is this a problem with the gateway or router?

    MAC addresses that you enter for the devices connected on the WUMC710 should be the LAN mac addresses. You must also include the mac address of the WUMC710 instead of just the mac address of LAN wireless. It is the way in which the bridge is designed to work if you have the mac address filtering is enabled in the router. Got this info from this link: http://homecommunity.cisco.com/t5/Access-Points/WUMC710-MAC-Address-issues-when-using-MAC-Filtering/....

  • Satellite L505 - WPA2-PSK does not work, but works of WPA - PSK

    Hello

    I have a Satellite L505 and I tried to use WPA2-PSK security to connect to my Netgear DGN2000 router, since I read that only this authentication allows speed Wireless-N, but it does not work. I chose it as the mode to use on the router and Windows 7 64 bit on my laptop, so everything should work properly. If I set everything up to use WPA - PSK, then I can connect us, but the connection is terrible, even when I put the phone right next to the router. It indicates the quality of the signal is excellent and that it is connected to 54Mbs, but if I set up a ping to the router I can see over time, it goes up to 4 seconds and continually to expire. This means that the internet is unusable wireless.

    For this reason, I was hoping I could get Wireless N work and I hope that the connection would be better. Someone can tell me why WPA - PSK works but not WPA2-PSK? (I tried versions of the AES and TKIP)

    Hello

    Hmm... You have written anything on your OS... :(

    On Windows XP, you need to install the Windows Update KB917021 as you can read here:
    http://support.Microsoft.com/kb/917021/

    I'll try to updated the WLAN driver. You can get the latest version on the Toshiba site.

    Finally and above all it s always advisable to update the firmware on your router. You can get on the page of manufacturing of the router where you should find a changelog too.

  • PC Compaq laptop Presario R3000 (AMD) supports WPA2-PSK?

    Hi all

    I know it's an old laptop (Compaq Presario R3000 (AMD) Notebook PC).

    Recently, I upgraded my system from network and start using WPA2-PSK.

    I installed the patch from MS http://www.microsoft.com/en-us/download/details.aspx?id=1974

    However, the drop-down list of my Networking Wireless still doesn't show the option

    for wpa2 but wpa.

    Can someone tell me the reason? Is it because that which does not support my network card

    the new standard wpa2?

    Thank you

    I think that this driver will take care of the issue...

    http://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/psi/swdDetails/?sp4ts.oid=3688870&spf_p.tpst=swdMain&spf_p.prp_swdMain=wsrp-navigationalState%3Didx%253D%257CswItem%253Dob_101092_1%257CswEnvOID%253D1093%257CitemLocale%253D%257CswLang%253D%257Cmode%253D%257Caction%253DdriverDocument&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken

    Yet once, in addition to the driver above you also need to run XP SP3 in order to get the plug in charge WPA2 if this microsoft SP2 WPA2 patch does not work.

  • ACS 5.3 use LDAP. for one SSID and use IS HOST. for a different SSID

    I have 2 SSID on WLCs

    I wish I had 1 point SSID to the radius of the acs using LDAP store and the 2nd point SSID to the radius of the acs using identity store of the host for mac filtering.

    both scenarios are working, but not all.

    If I set the order of the rule I can get an SSID, but then the other fails.

    Authentication failed                                                                                 :

    22056 object was not found in the identity of the point of sale.

    Access matched Service selection rule:

    Rule-1

    Comparative political identity rule:

    Rule-1

    Some identity stores:

    RBLDAP

    Evaluate the politics of identity

    15004 Matched rule

    15013 selected identity store-

    24031 sending request to the primary LDAP server

    24017 Looking up host in LDAP - 04-xx-xx-xx-xx-xx Server

    24009 host not found in the LDAP server

    22056 object was not found in the identity of the point of sale.

    22058 advanced option that is configured for a unknown user is used.

    22061 the option 'Refuse' Advanced is set in the case of a request for authentication has failed.

    11003 returned RADIUS Access-Reject

    If I move the mac add rule before the rule of ldap, but then the ldap authentication fails

    Request for access received RADIUS 11001

    11017 RADIUS creates a new session

    11027 detected host Lookup UseCase (Service-Type = check call (10))

    Assess Service selection strategy

    15004 Matched rule

    Access to Selected 15012 - MAC filter network access service

    Evaluate the politics of identity

    15004 Matched rule

    15013 selected identity Store - internal hosts

    24209 Looking internal host IDStore host - 04-xx-xx-xx-xx-xx

    24211 found internal host IDStore host

    Authentication 22037 spent

    I tried to install the following without result.

    It seems to me that there should be a simple process to do what happens. I thought that if the rule does not match it would be to move on to the next rule etc...

    I might be able to live with the first ldap control and if it does not pass to the db of the local host, but seemingly ineffective.

    https://supportforums.Cisco.com/thread/2133704

    You can create a sequence of identity store so that if the end point is not present in the ldap database, then it can check its database of the local host.

    Or you can create a condition in your selection of service such as if rule called-station-id ends with (AIDS) then you can have it match the rule that uses the appropriate rule pointing to ldap, another rule when called-station-id ends with (ssidB) match the rule that points to the rule that uses the database of the local host.

    Here is the section on the configuration of the sequence of identity store, don't forget to select continue if user not found.

    http://www.Cisco.com/en/us/docs/net_mgmt/cisco_secure_access_control_sys...

    Thank you

    Sent by Cisco Support technique iPad App

  • HOWTO to Setup wpa2 + aes + psk with mac-filter WLC 4402 (RADIUS)

    Hello

    I'm trying to Setup wpa2 + aes + psk with mac-filter (RADIUS) on WLC 4402 (6.0.182), with Lap - 1142

    on security, the value L2 security wpa + wpa2 and make sure MAC filtering

    Uncheck the WPA

    check the WPA2, AES, TKIP to unckeck

    Mgmt PSK auth key

    PSK ASCII marker

    L3 no

    Uncheck the political web

    AAA servers

    Select enable accounting radius server server

    It's work fine, when I use WEP with mac-filter (radius)

    but when I select WPA2 is it fail and no newspaper both WLC server and RADIUS

    Is this limitation or bug...

    Thanks in advance for your help

    This sounds like it should work.  Maybe your client likes not wpa2/aes or does not match the PSK.  I would try to associate with this same configuration, but without enabled mac filtering to try to identify the problem.

    -John

  • WRT600N - Wireless MAC Filter Table will not retain MAC for the Droid 2 phones

    Hello

    I have a Linksys WRT600N router and I succumbed adding our new Motorola Droid 2 to the MAC table on the Wireless Security tab.

    It allows access if I disable MAC filtering wireless and appears on the list of clients, but when I try to add the customer list or manually enter the MAC table, it does not retain it when I save it. The only thing that seems different from the MAC standard is the 1 byte

    (F8:7 B: 7 A: 76:98:22 is the MAC of my phone).

    I don't want to leave my network open and prefer to avoid using a WEP key if possible.

    Can anyone tell me what I am doing wrong or is this a bug? Y at - it a firmware update I have to apply to this effect in my MAC filter (current version is 1.01.36 build 3)?

    Oh and I'm not worried about hackers if as much as deterrence of neighbors stealing my bandwidth. To implement the keys on all my devices was too much time to consider unless a last resort. MAC filters make it also easier for me to add guests fairly quickly.

  • the filter value (with presentation variables) for applications using "SQL issued.

    If I have a "emitted SQL":


    SELECT saw_0 saw_0, saw_1 saw_1, saw_2 saw_2, saw_3 saw_3, saw_4 saw_4 (FROM)
    SELECT saw_0 saw_0, saw_1 saw_1, SUM (saw_2) saw_2, SUM (saw_3) saw_3 SUM (saw_4) saw_4
    Of
    (
    (
    SELECT 'period '. "" YearMonth "saw_0,"Customer. " "" CustomerName "saw_1, COUNT ('dirty'. ("' SalesDate") saw_2, "Sales". "' No.OfConsumer ' saw_3, saw_4 0
    CRM
    WHERE ('period'. ("' YearMonth" > = 200904) AND ('period'. ("' YearMonth" < = 200910)
    )
    UNION ALL
    (
    SELECT 'period '. "" YearMonth "saw_0,"Customer. " "" CustomerName "saw_1, saw_2 0, saw_3 0, Count ("SuperSales". "Saw_4 SuperSalesDate") "
    CRM
    WHERE ('period'. ("' YearMonth" > = 200904) AND ('period'. ("' YearMonth" < = 200910)
    )
    ) t1
    Saw_0 GROUP, saw_1
    ORDER BY saw_0, saw_1
    ) t2 ORDER BY saw_0


    in fact, in this application, I would like to set up a filter to 'period '. "" YearMonth "using the variable of presentation.
    is it possible to do?
    Thank you!!

    Hi Forreging,

    You can use variables of the presentation, but not if you directly set the SQL via the Advanced Options tab.

    Instead, build up the first report like the first part of the statement of the UNION. Then use the "combined with a similar request" to build the logic for the second part of the query.

    When approached in this way, you can set filters on each "subquery" via the criteria in other tab, OBIEE allows you to add an external to the level of the query filter when you go on the road to the SQL code in the Advanced tab.

    Good luck and if you find this post useful, please give points!

    Best regards

    -Joe

  • How can we regenerated certificate of development mac for future use.

    How can we regenerated certificate of development mac for future use.

    Probably better off posting it here:

    Developer forums

  • Where can I download silverlight for windows using a mac?

    I really want MS to treat people like they're idiots.   :-(  One of the reasons why I have avoid them more.

    And I avoid using a software which provides support through forums, forums are a waste my time!  Options would be nice.

    I have a Mac, I know.  I have a Windows computer up-to-date with Silverlight, I know.

    As much as I can get on their Web site, I can't find a way to download the latest version of Silverlight for Windows using computers.

    Where can I download the latest version of Silverlight windows, preferably using a Mac because it is my main computer.  I rarely use Windows personally more.

    Hi, Marilyn.

    Thanks for the suggestion, but not necessary.  I had the problem solved, as I've mentioned in my previous post.

    Also noted there, I do not use MS Forums except as a last resort.  And sometimes I just give up instead of using the forums.

    Why?

    1. MS Server response time is slow cussedly too often.
    2. I have to look for answers, rather than simply through a condensed list, as you can with a newsgroup reader.

      The problem with research is, if I use the word 'bucket' and posters use the word 'bucket', in the subject line, I'll never find it.  But if I can easily scroll the list quickly, and I see the word 'bucket', I can't stop and open this message.

    3. The same messages show 2-3 times in the threaded view.
    4. Forums of waste server and user of the resources and bandwidth transmission system.  You always download the same Visual information such as graphics and ads over and over and over ad nauseam.
    5. Forums are for people who do not know how to use focus groups and companies like MS used to provide good documentation with their products.
    6. Connection time can take forever.

    All the above comments, to some extent, apply to all the forums that I have all been forced to use.

  • Not use 5.4 ACS for TLS authentication with a certificate not in the string

    Hi all

    I have installed ACS 5.4 and several wireless environments.

    EAP - TLS is used to authenticate users of our area (of self-signed cetificates)

    Then use PEAP and need for a real external cert... (Signed by Terena)

    The problem is that I can use a single certificate for authentication EAP on ACS, and I need them both to work.

    I see only 2 options:

    1 configure the TLS network to authenticate without going through the ACS cert in the string (use the real one)

    2. set up somehow to use two certificates, one for each service.

    Please help, im desperate.

    Thank you!

    Naor

    You can't have several certificates of server/identity on ACS for EAP flavours. As a best practice, get the third-party certificate and check to associate the certificate with the EAP protocols that use SSL/TLS tunneling: EAP - TLS, PEAP and EAP-FAST.

    ~ BR
    Jatin kone

    * Does the rate of useful messages *.

Maybe you are looking for