请选择 进入手机版 | 继续访问电脑版

设为首页 收藏本站
思科社区 关注
思科社区

搜索
热搜: 邮件服务器
查看: 588|回复: 10

用802.1x的WLANs LDAP认证配置WLC,macbook和Windows电脑连接不上。安卓手机可以连。

[复制链接]
发表于 2020-11-11 10:33:17 | 显示全部楼层 |阅读模式
0可用金钱
我参照 思科官网上的  https://www.cisco.com/c/zh_cn/support/docs/wireless-mobility/wireless-lan-wlan/211277-WLC-with-LDAP-Authentication-Configurati.html配置了802.1x的WLANs LDAP认证配置WLC,macbook和Windows电脑连接不上。安卓手机可以连。苹果的最新版本的手机可以连接。苹果旧版本的手机死活连接不上。是否要安装Cisco EAP插件。ldap服务器是用Windows的AD域搭建的。现在安卓手机端连接已经测试成功。现在问题是Windows电脑和mac笔记本电脑,以及苹果手机版本低的就连接不上,更新到最新版本可以连接。  

我配置的是802.1X PEAP   按原理来讲是不需要安装Cisco EAP插件,Cisco EAP插件我也找了很久还是没找到。以下是思科官网上连接802.1X说明

  • 1
  • 2
  • 3
  • 4
  • 5
  • 1
  • 2
  • 3
  • 4
  • 5
平均得分0 (0 评价)
 楼主| 发表于 2020-11-11 10:34:26 | 显示全部楼层
我的无线控制器是 Wlc2504
Software Version        8.2.141.0
Field Recovery Image Version       
7.6.101.1
  • 1
  • 2
  • 3
  • 4
  • 5
  • 1
  • 2
  • 3
  • 4
  • 5
平均得分0 (0 评价)
 楼主| 发表于 2020-11-11 10:36:07 | 显示全部楼层
https://www.cisco.com/c/zh_cn/support/docs/wireless-mobility/wireless-lan-wlan/211277-WLC-with-LDAP-Authentication-Configurati.html

我是按照这个是官网上配置的文档,来配置802.1X 的PEAP
  • 1
  • 2
  • 3
  • 4
  • 5
  • 1
  • 2
  • 3
  • 4
  • 5
平均得分0 (0 评价)
发表于 2020-11-17 23:42:30 | 显示全部楼层
查看一下日志,看看有没有线索
  • 1
  • 2
  • 3
  • 4
  • 5
  • 1
  • 2
  • 3
  • 4
  • 5
平均得分0 (0 评价)
发表于 2020-11-18 08:18:48 | 显示全部楼层
加密是否正确
  • 1
  • 2
  • 3
  • 4
  • 5
  • 1
  • 2
  • 3
  • 4
  • 5
平均得分0 (0 评价)
 楼主| 发表于 2020-11-19 09:13:14 | 显示全部楼层

我上传了 我在无线控制器上的配置。看一下是否正确。

本帖子中包含更多资源

您需要 思科 CCO 登录 才可以下载或查看,没有帐号?思科 CCO 注册   

x
  • 1
  • 2
  • 3
  • 4
  • 5
  • 1
  • 2
  • 3
  • 4
  • 5
平均得分0 (0 评价)
 楼主| 发表于 2020-11-19 09:35:05 | 显示全部楼层
Rocky 发表于 2020-11-17 23:42
查看一下日志,看看有没有线索

以下是今天测试连接的 日志,请帮我看看。测试中发现安卓手机都可以正常连接,苹果手机高版本的ios可以正常连接,低版本的苹果手机连接不了。Windows电脑连接不了。低版本的mac笔记本电脑可以正常连接。高版本的mac笔记本电脑连接不了。
*spamApTask4: Nov 19 09:05:31.103: %LWAPP-3-REPLAY_ERR: spam_lrad.c:41245 The system has received replay error on slot 1, WLAN ID 2, count 4 from AP cc:46:d6:9a:fa:80
*Dot1x_NW_MsgTask_4: Nov 19 09:04:59.035: %DOT1X-3-INVALID_REPLAY_CTR: 1x_eapkey.c:449 Invalid replay counter from client e4:9a:dc:81:75:9c - got 00 00 00 00 00 00 00 02, expected 00 00 00 00 00 00 00 03
*spamApTask4: Nov 19 09:04:00.775: %LWAPP-3-REPLAY_ERR: spam_lrad.c:41245 The system has received replay error on slot 0, WLAN ID 1, count 1 from AP cc:46:d6:9a:fa:80
*spamApTask2: Nov 19 09:00:35.240: %APF-3-APF_CHANNEL_CHANGE: apf_spam.c:2586 Client deletion failed. Clt mac:20:54:fa:8d:e7:ca Channel Change Occured. Spectrum Mgmt bit set.
*spamApTask2: Nov 19 09:00:35.240: %APF-3-APF_CHANNEL_CHANGE: apf_spam.c:2586 Client deletion failed. Clt mac:e0:dc:ff:c7:80:29 Channel Change Occured. Spectrum Mgmt bit set.
*spamApTask2: Nov 19 09:00:35.240: %APF-3-APF_CHANNEL_CHANGE: apf_spam.c:2586 Client deletion failed. Clt mac:60:ab:67:fb:ad:32 Channel Change Occured. Spectrum Mgmt bit set.
*spamApTask2: Nov 19 09:00:35.239: %APF-3-APF_CHANNEL_CHANGE: apf_spam.c:2586 Client deletion failed. Clt mac:b8:90:47:07:8a:2c Channel Change Occured. Spectrum Mgmt bit set.
*spamApTask2: Nov 19 09:00:35.239: %APF-3-APF_CHANNEL_CHANGE: apf_spam.c:2586 Client deletion failed. Clt mac:f0:18:98:28:79:31 Channel Change Occured. Spectrum Mgmt bit set.
*spamApTask2: Nov 19 09:00:35.239: %APF-3-APF_CHANNEL_CHANGE: apf_spam.c:2586 Client deletion failed. Clt mac:f0:c3:71:e3:89:3f Channel Change Occured. Spectrum Mgmt bit set.
*spamApTask2: Nov 19 09:00:35.239: %APF-3-APF_CHANNEL_CHANGE: apf_spam.c:2586 Client deletion failed. Clt mac:f8:ff:c2:14:9e:c4 Channel Change Occured. Spectrum Mgmt bit set.
*spamApTask2: Nov 19 09:00:35.239: %APF-3-APF_CHANNEL_CHANGE: apf_spam.c:2586 Client deletion failed. Clt mac:b0:e5:ed:7f:d2:b7 Channel Change Occured. Spectrum Mgmt bit set.
*spamApTask2: Nov 19 09:00:35.239: %APF-3-APF_CHANNEL_CHANGE: apf_spam.c:2586 Client deletion failed. Clt mac:38:37:8b:32:51:5d Channel Change Occured. Spectrum Mgmt bit set.
*spamApTask2: Nov 19 09:00:35.239: %APF-3-APF_CHANNEL_CHANGE: apf_spam.c:2586 Client deletion failed. Clt mac:98:10:e8:76:0b:6c Channel Change Occured. Spectrum Mgmt bit set.
*spamApTask2: Nov 19 09:00:35.239: %APF-3-APF_CHANNEL_CHANGE: apf_spam.c:2586 Client deletion failed. Clt mac:f4:70:ab:7a:2a:22 Channel Change Occured. Spectrum Mgmt bit set.
*spamApTask2: Nov 19 09:00:35.239: %APF-3-APF_CHANNEL_CHANGE: apf_spam.c:2586 Client deletion failed. Clt mac:f8:ff:c2:29:68:a1 Channel Change Occured. Spectrum Mgmt bit set.
*spamApTask2: Nov 19 09:00:35.239: %APF-3-APF_CHANNEL_CHANGE: apf_spam.c:2586 Client deletion failed. Clt mac:a4:44:d1:8c:88:f9 Channel Change Occured. Spectrum Mgmt bit set.
*spamApTask2: Nov 19 09:00:35.239: %APF-3-APF_CHANNEL_CHANGE: apf_spam.c:2586 Client deletion failed. Clt mac:1e:2a:68:2c:84:ce Channel Change Occured. Spectrum Mgmt bit set.
*Dot1x_NW_MsgTask_5: Nov 19 08:59:36.104: %DOT1X-3-ABORT_AUTH: 1x_bauth_sm.c:450  Authentication Aborted for  client ac:ed:5c:02:ad:2d Abort ReasonOT1X RESTARTED DUE TO EAPOL-START/CLIENT ROAM
*Dot1x_NW_MsgTask_5: Nov 19 08:59:31.059: %DOT1X-3-ABORT_AUTH: 1x_bauth_sm.c:450  Authentication Aborted for  client ac:ed:5c:02:ad:2d Abort ReasonOT1X RESTARTED DUE TO EAPOL-START/CLIENT ROAM
*Dot1x_NW_MsgTask_5: Nov 19 08:59:25.998: %DOT1X-3-ABORT_AUTH: 1x_bauth_sm.c:450  Authentication Aborted for  client ac:ed:5c:02:ad:2d Abort ReasonOT1X RESTARTED DUE TO EAPOL-START/CLIENT ROAM
*Dot1x_NW_MsgTask_5: Nov 19 08:59:20.953: %DOT1X-3-ABORT_AUTH: 1x_bauth_sm.c:450  Authentication Aborted for  client ac:ed:5c:02:ad:2d Abort ReasonOT1X RESTARTED DUE TO EAPOL-START/CLIENT ROAM
*Dot1x_NW_MsgTask_5: Nov 19 08:59:15.907: %DOT1X-3-ABORT_AUTH: 1x_bauth_sm.c:450  Authentication Aborted for  client ac:ed:5c:02:ad:2d Abort ReasonOT1X RESTARTED DUE TO EAPOL-START/CLIENT ROAM
*Dot1x_NW_MsgTask_5: Nov 19 08:59:10.862: %DOT1X-3-ABORT_AUTH: 1x_bauth_sm.c:450  Authentication Aborted for  client ac:ed:5c:02:ad:2d Abort ReasonOT1X RESTARTED DUE TO EAPOL-START/CLIENT ROAM
*Dot1x_NW_MsgTask_5: Nov 19 08:59:05.817: %DOT1X-3-ABORT_AUTH: 1x_bauth_sm.c:450  Authentication Aborted for  client ac:ed:5c:02:ad:2d Abort ReasonOT1X RESTARTED DUE TO EAPOL-START/CLIENT ROAM
*Dot1x_NW_MsgTask_5: Nov 19 08:59:00.772: %DOT1X-3-ABORT_AUTH: 1x_bauth_sm.c:450  Authentication Aborted for  client ac:ed:5c:02:ad:2d Abort ReasonOT1X RESTARTED DUE TO EAPOL-START/CLIENT ROAM
*Dot1x_NW_MsgTask_5: Nov 19 08:58:55.727: %DOT1X-3-ABORT_AUTH: 1x_bauth_sm.c:450  Authentication Aborted for  client ac:ed:5c:02:ad:2d Abort ReasonOT1X RESTARTED DUE TO EAPOL-START/CLIENT ROAM
*Dot1x_NW_MsgTask_5: Nov 19 08:58:50.681: %DOT1X-3-ABORT_AUTH: 1x_bauth_sm.c:450  Authentication Aborted for  client ac:ed:5c:02:ad:2d Abort ReasonOT1X RESTARTED DUE TO EAPOL-START/CLIENT ROAM
*Dot1x_NW_MsgTask_5: Nov 19 08:58:45.636: %DOT1X-3-ABORT_AUTH: 1x_bauth_sm.c:450  Authentication Aborted for  client ac:ed:5c:02:ad:2d Abort Reason:DOT1X RESTARTED DUE TO EAPOL-START/CLIENT ROAM
*Dot1x_NW_MsgTask_5: Nov 19 08:58:40.591: %DOT1X-3-ABORT_AUTH: 1x_bauth_sm.c:450  Authentication Aborted for  client ac:ed:5c:02:ad:2d Abort Reason:DOT1X RESTARTED DUE TO EAPOL-START/CLIENT ROAM
*Dot1x_NW_MsgTask_5: Nov 19 08:58:35.546: %DOT1X-3-ABORT_AUTH: 1x_bauth_sm.c:450  Authentication Aborted for  client ac:ed:5c:02:ad:2d Abort Reason:DOT1X RESTARTED DUE TO EAPOL-START/CLIENT ROAM
*Dot1x_NW_MsgTask_5: Nov 19 08:58:30.501: %DOT1X-3-ABORT_AUTH: 1x_bauth_sm.c:450  Authentication Aborted for  client ac:ed:5c:02:ad:2d Abort Reason:DOT1X RESTARTED DUE TO EAPOL-START/CLIENT ROAM
*Dot1x_NW_MsgTask_5: Nov 19 08:58:25.440: %DOT1X-3-ABORT_AUTH: 1x_bauth_sm.c:450  Authentication Aborted for  client ac:ed:5c:02:ad:2d Abort Reason:DOT1X RESTARTED DUE TO EAPOL-START/CLIENT ROAM
*Dot1x_NW_MsgTask_5: Nov 19 08:58:20.394: %DOT1X-3-ABORT_AUTH: 1x_bauth_sm.c:450  Authentication Aborted for  client ac:ed:5c:02:ad:2d Abort Reason:DOT1X RESTARTED DUE TO EAPOL-START/CLIENT ROAM
*Dot1x_NW_MsgTask_5: Nov 19 08:58:15.360: %DOT1X-3-ABORT_AUTH: 1x_bauth_sm.c:450  Authentication Aborted for  client ac:ed:5c:02:ad:2d Abort Reason:DOT1X RESTARTED DUE TO EAPOL-START/CLIENT ROAM
*Dot1x_NW_MsgTask_5: Nov 19 08:58:10.273: %DOT1X-3-ABORT_AUTH: 1x_bauth_sm.c:450  Authentication Aborted for  client ac:ed:5c:02:ad:2d Abort Reason:DOT1X RESTARTED DUE TO EAPOL-START/CLIENT ROAM
*Dot1x_NW_MsgTask_5: Nov 19 08:58:00.198: %DOT1X-3-ABORT_AUTH: 1x_bauth_sm.c:450  Authentication Aborted for  client ac:ed:5c:02:ad:2d Abort Reason:DOT1X RESTARTED DUE TO EAPOL-START/CLIENT ROAM
*Dot1x_NW_MsgTask_5: Nov 19 08:56:08.069: %DOT1X-3-INVALID_REPLAY_CTR: 1x_eapkey.c:449 Invalid replay counter from client a4:4b:d5:11:11:cd - got 00 00 00 00 00 00 00 01, expected 00 00 00 00 00 00 00 02
*spamApTask2: Nov 19 08:55:10.546: %LWAPP-3-REPLAY_ERR: spam_lrad.c:41245 The system has received replay error on slot 0, WLAN ID 2, count 1 from AP cc:46:d6:5b:54:e0
*spamApTask5: Nov 19 08:46:06.627: %LWAPP-3-REPLAY_ERR: spam_lrad.c:41245 The system has received replay error on slot 0, WLAN ID 2, count 1 from AP cc:46:d6:5b:53:50
*Dot1x_NW_MsgTask_3: Nov 19 08:41:06.446: %DOT1X-3-PSK_CONFIG_ERR: 1x_ptsm.c:675 Client b8:86:87:47:51:0b may be using an incorrect PSK
*emWeb: Nov 19 08:30:55.542: %AAA-3-ACCTREQ_SEND_FAILED: aaa.c:3820 Unable to send Accounting Request for User admin. No accounting server is configured.
*spamApTask1: Nov 19 08:17:12.403: %LWAPP-3-REPLAY_ERR: spam_lrad.c:41245 The system has received replay error on slot 1, WLAN ID 2, count 1 from AP cc:46:d6:5b:55:b0
*Dot1x_NW_MsgTask_3: Nov 19 08:14:39.125: %DOT1X-3-INVALID_REPLAY_CTR: 1x_eapkey.c:449 Invalid replay counter from client 68:fb:7e:c8:ab:03 - got 00 00 00 00 00 00 00 11, expected 00 00 00 00 00 00 00 12
*spamApTask1: Nov 19 08:11:12.452: %LWAPP-3-REPLAY_ERR: spam_lrad.c:41245 The system has received replay error on slot 1, WLAN ID 2, count 1 from AP cc:46:d6:5b:55:b0
*spamApTask1: Nov 19 08:03:12.519: %LWAPP-3-REPLAY_ERR: spam_lrad.c:41245 The system has received replay error on slot 1, WLAN ID 2, count 1 from AP cc:46:d6:5b:55:b0
*spamApTask1: Nov 19 07:59:12.557: %LWAPP-3-REPLAY_ERR: spam_lrad.c:41245 The system has received replay error on slot 1, WLAN ID 2, count 1 from AP cc:46:d6:5b:55:b0
*Dot1x_NW_MsgTask_2: Nov 19 07:48:02.377: %DOT1X-3-INVALID_REPLAY_CTR: 1x_eapkey.c:449 Invalid replay counter from client ea:07:85:fb:e1:7a - got 00 00 00 00 00 00 00 16, expected 00 00 00 00 00 00 00 17
*spamApTask1: Nov 19 07:47:12.657: %LWAPP-3-REPLAY_ERR: spam_lrad.c:41245 The system has received replay error on slot 1, WLAN ID 2, count 1 from AP cc:46:d6:5b:55:b0
*spamApTask1: Nov 19 07:43:12.691: %LWAPP-3-REPLAY_ERR: spam_lrad.c:41245 The system has received replay error on slot 1, WLAN ID 2, count 1 from AP cc:46:d6:5b:55:b0
*spamApTask1: Nov 19 07:41:12.706: %LWAPP-3-REPLAY_ERR: spam_lrad.c:41245 The system has received replay error on slot 1, WLAN ID 2, count 1 from AP cc:46:d6:5b:55:b0
*spamApTask1: Nov 19 07:37:12.740: %LWAPP-3-REPLAY_ERR: spam_lrad.c:41245 The system has received replay error on slot 1, WLAN ID 2, count 1 from AP cc:46:d6:5b:55:b0
*spamApTask1: Nov 19 07:35:12.754: %LWAPP-3-REPLAY_ERR: spam_lrad.c:41245 The system has received replay error on slot 1, WLAN ID 2, count 1 from AP cc:46:d6:5b:55:b0
*spamApTask1: Nov 19 07:15:12.911: %LWAPP-3-REPLAY_ERR: spam_lrad.c:41245 The system has received replay error on slot 1, WLAN ID 2, count 1 from AP cc:46:d6:5b:55:b0
*spamApTask1: Nov 19 07:01:13.018: %LWAPP-3-REPLAY_ERR: spam_lrad.c:41245 The system has received replay error on slot 1, WLAN ID 2, count 1 from AP cc:46:d6:5b:55:b0
*Dot1x_NW_MsgTask_7: Nov 19 07:00:31.697: %DOT1X-3-INVALID_REPLAY_CTR: 1x_eapkey.c:449 Invalid replay counter from client c8:3c:85:c8:43:6f - got 00 00 00 00 00 00 00 0e, expected 00 00 00 00 00 00 00 0f
*Dot1x_NW_MsgTask_2: Nov 19 06:59:03.555: %DOT1X-3-INVALID_REPLAY_CTR: 1x_eapkey.c:449 Invalid replay counter from client 70:78:8b:30:3a:aa - got 00 00 00 00 00 00 00 03, expected 00 00 00 00 00 00 00 04
*Dot1x_NW_MsgTask_2: Nov 19 06:59:02.182: %DOT1X-3-INVALID_REPLAY_CTR: 1x_eapkey.c:449 Invalid replay counter from client 70:78:8b:30:3a:aa - got 00 00 00 00 00 00 00 02, expected 00 00 00 00 00 00 00 03
*spamApTask1: Nov 19 06:57:13.053: %LWAPP-3-REPLAY_ERR: spam_lrad.c:41245 The system has received replay error on slot 1, WLAN ID 2, count 1 from AP cc:46:d6:5b:55:b0
*spamApTask1: Nov 19 06:55:13.069: %LWAPP-3-REPLAY_ERR: spam_lrad.c:41245 The system has received replay error on slot 1, WLAN ID 2, count 1 from AP cc:46:d6:5b:55:b0
*spamApTask1: Nov 19 06:49:13.107: %LWAPP-3-REPLAY_ERR: spam_lrad.c:41245 The system has received replay error on slot 1, WLAN ID 2, count 1 from AP cc:46:d6:5b:55:b0
*spamApTask1: Nov 19 06:39:13.194: %LWAPP-3-REPLAY_ERR: spam_lrad.c:41245 The system has received replay error on slot 1, WLAN ID 2, count 1 from AP cc:46:d6:5b:55:b0
*spamApTask1: Nov 19 06:35:13.223: %LWAPP-3-REPLAY_ERR: spam_lrad.c:41245 The system has received replay error on slot 1, WLAN ID 2, count 1 from AP cc:46:d6:5b:55:b0
*spamApTask1: Nov 19 06:33:13.238: %LWAPP-3-REPLAY_ERR: spam_lrad.c:41245 The system has received replay error on slot 1, WLAN ID 2, count 1 from AP cc:46:d6:5b:55:b0
*spamApTask1: Nov 19 06:09:13.432: %LWAPP-3-REPLAY_ERR: spam_lrad.c:41245 The system has received replay error on slot 1, WLAN ID 1, count 1 from AP cc:46:d6:5b:55:b0
*spamApTask5: Nov 19 05:48:07.966: %LWAPP-3-REPLAY_ERR: spam_lrad.c:41245 The system has received replay error on slot 1, WLAN ID 1, count 1 from AP cc:46:d6:5b:53:50
*Dot1x_NW_MsgTask_2: Nov 19 05:46:56.258: %DOT1X-3-INVALID_REPLAY_CTR: 1x_eapkey.c:449 Invalid replay counter from client ea:07:85:fb:e1:7a - got 00 00 00 00 00 00 00 13, expected 00 00 00 00 00 00 00 14
*spamApTask2: Nov 19 04:51:02.862: %LWAPP-3-REPLAY_ERR: spam_lrad.c:41245 The system has received replay error on slot 1, WLAN ID 1, count 1 from AP cc:46:d6:a0:c7:10
*Dot1x_NW_MsgTask_5: Nov 19 04:26:22.932: %DOT1X-3-INVALID_REPLAY_CTR: 1x_eapkey.c:449 Invalid replay counter from client f8:2d:7c:c8:28:cd - got 00 00 00 00 00 00 00 02, expected 00 00 00 00 00 00 00 03
*Dot1x_NW_MsgTask_4: Nov 19 04:18:06.319: %DOT1X-3-INVALID_REPLAY_CTR: 1x_eapkey.c:449 Invalid replay counter from client 98:10:e8:76:0b:6c - got 00 00 00 00 00 00 00 02, expected 00 00 00 00 00 00 00 03
*Dot1x_NW_MsgTask_0: Nov 19 03:56:26.892: %DOT1X-3-INVALID_REPLAY_CTR: 1x_eapkey.c:449 Invalid replay counter from client f0:e4:a2:33:44:68 - got 00 00 00 00 00 00 00 1c, expected 00 00 00 00 00 00 00 1d
*Dot1x_NW_MsgTask_2: Nov 19 03:46:04.446: %DOT1X-3-INVALID_REPLAY_CTR: 1x_eapkey.c:449 Invalid replay counter from client ea:07:85:fb:e1:7a - got 00 00 00 00 00 00 00 10, expected 00 00 00 00 00 00 00 11
*spamApTask5: Nov 19 03:42:08.940: %LWAPP-3-REPLAY_ERR: spam_lrad.c:41245 The system has received replay error on slot 1, WLAN ID 1, count 1 from AP cc:46:d6:5b:53:50
*Dot1x_NW_MsgTask_5: Nov 19 03:26:07.775: %DOT1X-3-INVALID_REPLAY_CTR: 1x_eapkey.c:449 Invalid replay counter from client f8:2d:7c:c8:28:cd - got 00 00 00 00 00 00 00 03, expected 00 00 00 00 00 00 00 04
*spamApTask1: Nov 19 03:23:14.731: %LWAPP-3-REPLAY_ERR: spam_lrad.c:41245 The system has received replay error on slot 1, WLAN ID 2, count 1 from AP cc:46:d6:5b:55:b0
*spamApTask1: Nov 19 03:21:14.749: %LWAPP-3-REPLAY_ERR: spam_lrad.c:41245 The system has received replay error on slot 1, WLAN ID 1, count 1 from AP cc:46:d6:5b:55:b0
  • 1
  • 2
  • 3
  • 4
  • 5
  • 1
  • 2
  • 3
  • 4
  • 5
平均得分0 (0 评价)
发表于 2020-11-19 12:45:30 | 显示全部楼层
个人感觉应该是PC或者Mac OS不支持按照文档中的说明:
在配置LDAP的时候已经提示仅支持PEAP-GTC/EAP-TLS/EAP-FAST

现在windows和MacOS支持的基本上是PEAP-MSCHAPv2,看了两个安卓手机,网络选项里面能选的有PEAP、EAP-TLS 、 EAP-TTLS,不太清楚你能连上无线的用的是哪一种协议。macos只能选wpa2企业级,其他的只能在连接上之后看到具体的eap类型。

可以考虑用nam(Cisco Network Access Manager)测试一下能否连接,要是还不行建议用ACS或者ISE做认证试试吧

EAP-TLS需要有完整的PKI支持,EAP-FAST依赖PAC,这两个我都不是太了解,给不了什么有用的信息。PEAP-GTC我查了查Wikipedia,windows貌似从未正式支持过这个(基本上是LDAP想实现PEAP认证基本没戏)。Macos不好说。。


附:NAM下载地址
链接: https://pan.baidu.com/s/1WMogTExXc4xP_m3hc21Nkg 提取码: 6wj8



  • 1
  • 2
  • 3
  • 4
  • 5
  • 1
  • 2
  • 3
  • 4
  • 5
平均得分0 (0 评价)
发表于 2020-11-20 13:08:58 | 显示全部楼层
HHUU 发表于 2020-11-19 09:13
我上传了 我在无线控制器上的配置。看一下是否正确。

EAP-TLS试试
  • 1
  • 2
  • 3
  • 4
  • 5
  • 1
  • 2
  • 3
  • 4
  • 5
平均得分0 (0 评价)
 楼主| 发表于 2020-11-20 17:09:03 | 显示全部楼层
gengchunlin 发表于 2020-11-19 12:45
个人感觉应该是PC或者Mac OS不支持按照文档中的说明:
在配置LDAP的时候已经提示仅支持PEAP-GTC/EAP-TLS/E ...

安卓手机是peap选项连接的 ,苹果手机是wpa2企业选项连接的。Windows电脑是PEAP-MSCHAPv2选项连接的。现在问题是公司要求无线改成802.1x 接入,有些设备能连接上,有些连接不了。这样的话根本没法推广全公司使用的。
  • 1
  • 2
  • 3
  • 4
  • 5
  • 1
  • 2
  • 3
  • 4
  • 5
平均得分0 (0 评价)
您需要登录后才可以回帖 思科 CCO 登录 | 思科 CCO 注册   

本版积分规则

Archiver | 思科社区  

GMT+8, 2020-12-5 20:13 , Processed in 0.105596 second(s), 54 queries .

京ICP备11014401号-17

© 2020 思科系统.版权所有 重要声明 | 保密声明 | 隐私权政策 | 商标 |

快速回复 返回顶部 返回列表