N
ngmanchester
Hi. Our office has installed a couple of new Cisco 2700 Autonomous Access Points and we are trying to setup EAP 802.1x authentication to our laptops, so we can have a Wireless LAN.
The access points back the authentication off to Cisco ISE, which does a machine and user authentication against Active Directory. Cisco ISE shows that authentication succeeds and a Radius Access-Accept message is returned back to the AP. The AP logs show that the Radius Access-Accept message is received.
"RADIUS: Received from id 1645/238 X.X.X.X:1645, Access-Accept"
When trying to connect to the Wireless on our laptops we enter our username/password and we get a "Unable to connect to network" message.
Note, we can connect normally using a different SSID that is WPA2. Our drivers are up to date.
Windows Event Logs show this sequence:
WLAN AutoConfig service started a connection to a wireless network.
Network Adapter: Intel(R) Dual Band Wireless-AC 8265
Interface GUID: XXX
Connection Mode: Connection to a secure network without a profile
Profile Name: XXX
SSID: XXX
BSS Type: Infrastructure
Wireless network association started.
Network Adapter: Intel(R) Dual Band Wireless-AC 8265
Interface GUID: XXX
Local MAC Address: XXX
Network SSID: XXX
BSS Type: Infrastructure
Authentication: Open
Encryption: WEP
802.1X Enabled: Yes
Wireless network association succeeded.
Network Adapter: Intel(R) Dual Band Wireless-AC 8265
Interface GUID: XXX
Local MAC Address: XXX
Network SSID: XXX
BSS Type: Infrastructure
Management Frame Protection Enabled: 0x7600000000
Wireless security started.
Network Adapter: Intel(R) Dual Band Wireless-AC 8265
Interface GUID: XXX
Local MAC Address: XXX
Network SSID: XXX
BSS Type: Infrastructure
Authentication: Open
Encryption: WEP
FIPS Mode: Disabled
802.1x Enabled: Yes
Wireless 802.1x authentication started.
Network Adapter: Intel(R) Dual Band Wireless-AC 8265
Interface GUID: XXX
Local MAC Address: XXX
Network SSID: XXX
BSS Type: Infrastructure
Eap Information: Type 0, Vendor ID 0, Vendor Type 0, Author ID 0
Wireless 802.1x authentication succeeded.
Network Adapter: Intel(R) Dual Band Wireless-AC 8265
Interface GUID: XXX
Local MAC Address: XXX
Network SSID: XXX
BSS Type: Infrastructure
Identity: XXXXXXXXXXXX
User:
Domain:
Wireless security failed.
Network Adapter: Intel(R) Dual Band Wireless-AC 8265
Interface GUID: XXX
Local MAC Address: XXX
Network SSID: XXX
BSS Type: Infrastructure
Peer MAC Address: XXX
Reason: Dynamic key exchange did not succeed within configured time
Error: 0x0
I cannot find anything to think why this might be the case and not a lot online when I have a look about "Dynamic key exchange did not succeed within configured time". I am using the default Windows wireless settings, and WPA2 is fine.
Any help would be appreciated.
Continue reading...
The access points back the authentication off to Cisco ISE, which does a machine and user authentication against Active Directory. Cisco ISE shows that authentication succeeds and a Radius Access-Accept message is returned back to the AP. The AP logs show that the Radius Access-Accept message is received.
"RADIUS: Received from id 1645/238 X.X.X.X:1645, Access-Accept"
When trying to connect to the Wireless on our laptops we enter our username/password and we get a "Unable to connect to network" message.
Note, we can connect normally using a different SSID that is WPA2. Our drivers are up to date.
Windows Event Logs show this sequence:
WLAN AutoConfig service started a connection to a wireless network.
Network Adapter: Intel(R) Dual Band Wireless-AC 8265
Interface GUID: XXX
Connection Mode: Connection to a secure network without a profile
Profile Name: XXX
SSID: XXX
BSS Type: Infrastructure
Wireless network association started.
Network Adapter: Intel(R) Dual Band Wireless-AC 8265
Interface GUID: XXX
Local MAC Address: XXX
Network SSID: XXX
BSS Type: Infrastructure
Authentication: Open
Encryption: WEP
802.1X Enabled: Yes
Wireless network association succeeded.
Network Adapter: Intel(R) Dual Band Wireless-AC 8265
Interface GUID: XXX
Local MAC Address: XXX
Network SSID: XXX
BSS Type: Infrastructure
Management Frame Protection Enabled: 0x7600000000
Wireless security started.
Network Adapter: Intel(R) Dual Band Wireless-AC 8265
Interface GUID: XXX
Local MAC Address: XXX
Network SSID: XXX
BSS Type: Infrastructure
Authentication: Open
Encryption: WEP
FIPS Mode: Disabled
802.1x Enabled: Yes
Wireless 802.1x authentication started.
Network Adapter: Intel(R) Dual Band Wireless-AC 8265
Interface GUID: XXX
Local MAC Address: XXX
Network SSID: XXX
BSS Type: Infrastructure
Eap Information: Type 0, Vendor ID 0, Vendor Type 0, Author ID 0
Wireless 802.1x authentication succeeded.
Network Adapter: Intel(R) Dual Band Wireless-AC 8265
Interface GUID: XXX
Local MAC Address: XXX
Network SSID: XXX
BSS Type: Infrastructure
Identity: XXXXXXXXXXXX
User:
Domain:
Wireless security failed.
Network Adapter: Intel(R) Dual Band Wireless-AC 8265
Interface GUID: XXX
Local MAC Address: XXX
Network SSID: XXX
BSS Type: Infrastructure
Peer MAC Address: XXX
Reason: Dynamic key exchange did not succeed within configured time
Error: 0x0
I cannot find anything to think why this might be the case and not a lot online when I have a look about "Dynamic key exchange did not succeed within configured time". I am using the default Windows wireless settings, and WPA2 is fine.
Any help would be appreciated.
Continue reading...