Fumana CLI ea molaoli.
Etsa taelo: leka lebitso la mosebelisi la aaa radius [lebitso la mosebelisi] password
[password] wlan-id [WLAN ID] apgroup [AP Group] seva-index
[Index ea seva].
Sheba Karabo ea Teko ea Radius bakeng sa liphetho tsa netefatso.

Hata 2: Ho lokisa liphoso ho Cisco Wireless Controllers

Ho lokisa bothata ho Cisco Wireless Controllers, sebelisa tse latelang
litaelo:

debug aaa all enable: Numella debugging bakeng sa AAA kaofela
mesebetsi.
test aaa show radius: Bontša Tlhahlobo ea Radius
Karabo bakeng sa merero ea ho lokisa liphoso.

Example: Phihlello e Amohetse

Latela mehato ena ho leka netefatso ea radius ea AAA ka a
karabo e atlehileng:

Etsa taelo: test aaa radius username user1 password Cisco123 wlan-id 7 apgroup default-group server-index 2.

Sheba karabo ea netefatso bakeng sa sephetho se atlehileng
khoutu.

ExampLe: Phihlello e hlolehile

Haeba netefatso e hloleha, latela mehato ena:

Etsa taelo: test aaa radius username user1 password C123 wlan-id 7 apgroup default-group server-index 2.
Sekaseka karabo ho fumana sesosa sa ho hloleha.

LBH

P: Nka rarolla mathata a netefatso joang ho Cisco
Li-controller tse se nang mohala?

A: O ka rarolla netefatso ka ho sebelisa tlhahlobo aaa
taelo ea radius le ho sekaseka Karabo ea Teko ea Radius bakeng sa lintlha tse qaqileng
tlhahisoleseding.

P: Ke lokela ho etsa eng haeba kopo ea ka ea netefatso e hloleha?

A: Haeba kopo ea hau ea netefatso e hloleha, hlahloba habeli
e fane ka lebitso la mosebelisi, password, WLAN ID, sehlopha sa AP, le index ea seva
bakeng sa liphapang leha e le life tse ka 'nang tsa baka ho hlōleha.

View Fullscreen

Ho lokisa liphoso ho Cisco Wireless Controllers
· Ho rarolla mathata a AAA RADIUS Litšebelisano bakeng sa Tiiso ea WLAN, leqepheng la 1 · Ho utloisisa Client ea Debug ho Li-Wireless Controllers, leqepheng la 9 · Deauthenticating Clients, leqepheng la 9 · Ho Sebelisa CLI ho Rarolla Mathata, leqepheng la 10 · Mabaka a ka 'nang a Etsoa leqepheng la Controller12.
Tharollo ea mathata Litšebelisano tsa AAA RADIUS bakeng sa Tiiso ea WLAN
· Lekola litšebelisano tsa AAA RADIUS bakeng sa netefatso ea WLAN ka ho kenya taelo ena: test aaa radius username password password wlan-id wlan-id [apgroupname server-index server-index] Melao ea taelo e kenyelletsa tse latelang: · username le password (ka bobeli ka mongolo o hlakileng) · WLAN ID · Lebitso la sehlopha sa AP (khetho) · AAA server index (khetho)
Taelo ena ea teko e romella sevara ea RADIUS kopo ea phihlello bakeng sa netefatso ea bareki. Phapanyetsano ea kopo ea phihlello e etsahala lipakeng tsa molaoli le seva sa AAA, 'me mohala o ngolisitsoeng oa RADIUS o sebetsana le karabo. Karabelo e kenyelletsa boemo ba netefatso, palo ea ho leka hape, le litšobotsi tsa RADIUS. · View karabo ea RADIUS ho leka kopo ea RADIUS ka ho kenya taelo ena: test aaa show radius
Tataiso · Ka bobeli lebitso la mosebelisi le password li tlameha ho ba mongolo o hlakileng, o ts'oanang le netefatso ea MAC · Haeba sehlopha sa AP se kentsoe, WLAN e kentsoeng e tlameha ho ba sehlopheng seo sa AP.
Ho lokisa liphoso ho Cisco Wireless Controllers 1

Tharollo ea mathata Litšebelisano tsa AAA RADIUS bakeng sa Tiiso ea WLAN

Ho lokisa liphoso ho Cisco Wireless Controllers

· Haeba index ea seva e kentsoe, kopo ea ho leka RADIUS e romelloa feela ho seva eo ea RADIUS · Haeba kopo ea RADIUS e sa fumane karabo, kopo ha e romelloe ho seva se seng sa RADIUS · Seva ea RADIUS ho index ea seva e tlameha ho ba boemong bo lumelletsoeng · Taelo ena ea teko e ka sebelisoa ho netefatsa tlhophiso le puisano e amanang le AAA RADIUS
seva 'me ha ea lokela ho sebelisoa bakeng sa netefatso ea mosebelisi · Ho nahanoa hore lintlha tsa seva tsa AAA li behiloe joalo ka ha ho hlokahala.

Lithibelo · Ha ho tšehetso ea GUI · Ha ho tšehetso ea TACACS+

Example: Phihlello e Amohetse
(Cisco Controller) > leka aaa radius username user1 password Cisco123 wlan-id 7 apgroup default-group server-index 2

Kopo ea Teko ea Radius

Wlan-id…………………………………………. 7 ApGroup Name ……………………………….. default-group

Litšoaneleho ———Lebitso-Mosebelisi le Bitsoa-Seteisheneng-Id Calling-Station-Id Nas-Port Nas-Ip-Aterese NAS-Identifier Airespace / WLAN-Identifier User-Password Service-Type Framed-MTU Nas-Port-Type Tunnel-Type Tunnel-Medium-Type Tunneld-Group-Audit-Group-Audit-Group Acct-Session-Id

Values —–user1 00:00:00:00:00:00:EngineeringV81 00:11:22:33:44:55 0x0000000d (13) 172.20.227.39 WLC5520 0x00000007 (7) Cisco123 0x00000008 (8) 0x00000514 (1300) 0x00000013 (19) 0x0000000d (13) 0x00000006 (6) 0x00000051 (81) ac14e327000000c456131b33 56131b33/00:11:22:33:44:55/210

kopo ea auth ea test radius e rometsoe ka katleho. Etsa 'test aaa show radius' bakeng sa karabo

(Cisco Controller)> teko aaa show radius

Kopo ea Teko ea Radius

Wlan-id…………………………………………. 7

Lebitso la ApGroup……………………………….. sehlopha sa kamehla

Server Index………………………………….. 2

Radius Test Karabo

Seva ea Radius

Leka Boemo hape

————-

—–——

172.20.227.52

Katleho

Netefatso ea Karabo:

Khoutu ea Sephetho: Katleho

Litšobotsi

Litekanyetso

Ho lokisa liphoso ho Cisco Wireless Controllers 2

Ho lokisa liphoso ho Cisco Wireless Controllers

Tharollo ea mathata Litšebelisano tsa AAA RADIUS bakeng sa Tiiso ea WLAN

———User-Name Class Session-Timeout Termination-Action Tunnel-Type Tunnel-Medium-Type Tunnel-Group-Id

—–mosebedisi1 CACS:rs-acs5-6-0-22/230677882/20313 0x0000001e (30) 0x00000000 (0) 0x0000000d (13) 0x00000006 (6) (0)

(Cisco Controller)> debug aaa kaofela thusa

*emWeb: Oct 06 09:48:12.931: 00:11:22:33:44:55 Ho romela kopo ea Accounting (2) bakeng sa seteishene 00:11:22:33:44:55 *emWeb: Oct 06 09:48:12.932: 00:11:22:33:44:55 E thehile Cisco-Audit-Session-ID bakeng sa mohala:

ac14e327000000c85613fb4c *aaaQueueReader: Oct 06 09:48:12.932: Bolelele ba phasewete ea mosebelisi1 ha bo tsamaellane *aaaQueueReader: Oct 06 09:48:12.932: Recation previous protothenties
40000001 *aaaQueueReader: Oct 06 09:48:12.932: AuthenticationKopo: 0x2b6d5ab8 *aaaQueueReader: Oct 06 09:48:12.932: Callback……………………………………… Oct 0 101:740:06: protocolType………………………………09x48 *aaaQueueReader: Oct 12.932 0:40000001:06: proxyState………………….09:48:12.932:00:11:22Reader:33:44:55:00:00:06:09:48:12.932:16:06:09:48:12.932:5:1 06 09:48:12.932: Pakete e na le li-AVP tse 3 (tse sa bonts'ang) *aaaQueueReader: Oct 3 09:34:95: Ho kenya kopo ea quth ho qid 16, srv=index 07 *aaaQueueReader: Oct. 4:7:86 Request 3:58 77c:b26:06:09:48:be:ab:12.932:00:11a:22f:33:44b:55:4:172.20.227.52 *aaaQueueReader: Oct 1812 06:09:48: 12.932:00:11:22:33:44 Ho romela pakete ho v55 moamoheli 13:172.20.227.52 *aaaQueueReader: Oct 1812 5:00:11: 22:33:44:55:00:00 Phetisetso e atlehileng ea Pakete ea Tiiso (id 06) ho isa ho 09 prosever 48 ho tloha ho 12.941. 00:11:22:33:44:55-XNUMX:XNUMX ... *radiusTransportThread: Oct XNUMX XNUMX:XNUMX:XNUMX: XNUMX:XNUMX:XNUMX:XNUMX:XNUMX:XNUMX Access-Accept amohetsweng ho tswa ho

Seva ea RADIUS 172.20.227.52 bakeng sa mobile 00:11:22:33:44:55 receiveId = 0 *radiusTransportThread: Oct 06 09:48:12.941: AuthorizationResponse: 0x146c56b8 *radiusTransportThread *radiusTransportThread 06:09:48: sebopehoSize…………………………..12.941 *radiusTransportThread: Oct 263 06:09:48: resultCode………………………………..12.941 *radiusTransportThread: Oct 0 06:09:48 ProxyState e na le 12.941 AVPs: *radiusTransportThread: Oct 0 00000001:06:09: AVP[48] User-Name………………… mosebelisi12.941 (00 li-byte) *radiusTransportThread: Oct 11 22:33:44: AVP[55] Sehlopha……….CACS:rs-acs00-00-06-09/48/12.941 (7 byte) *radiusTransportThread: Oct 06 09:48:12.941: AVP[01] Session-Timeout……..1x5
(4 li-byte) *radiusTransportThread: Oct 06 09:48:12.941: AVP[04] Termination-Action….0x00000000 (0) (4 bytes) *radiusTransportThread: Oct 06 09:48:12.941: Annel05VP0Type0100000[16777229pe] (XNUMX)
(4 li-byte) *radiusTransportThread: Oct 06 09:48:12.941: AVP[06] Tunnel-Medium-Type…0x01000006 (16777222) (4 bytes) *radiusTransportThread: Oct 06 09:48:12.941[07:3:06]. Tunnel-Sehlopha-Id…….DATA (09 li-byte) *radiusTransportThread: Oct 48 12.941:0:7: E amohetsoe radius callback bakeng sa teko aaa sephetho sa kopo ea radius XNUMX numAVPs XNUMX.

Ho lokisa liphoso ho Cisco Wireless Controllers 3

Tharollo ea mathata Litšebelisano tsa AAA RADIUS bakeng sa Tiiso ea WLAN

Ho lokisa liphoso ho Cisco Wireless Controllers

ExampLe: Phihlello e hlolehile
(Cisco Controller) > leka aaa radius username user1 password C123 wlan-id 7 apgroup default-group server-index 2

Kopo ea Teko ea Radius

Wlan-id…………………………………………. 7

Lebitso la ApGroup……………………………….. sehlopha sa kamehla

Litšobotsi

Litekanyetso

———-

—-

User-Lebitso

mosebelisi1

Bitsa-Seteishene-Id

00:00:00:00:00:00:EngineeringV81

Calling-Station-Id

00:11:22:33:44:55

Nas-Port

0x0000000d (13)

Nas-Ip-Aterese

172.20.227.39

Sekhetho sa NAS

WLC5520

…

Tunnel-Mofuta

0x0000000d (13)

Tunnel-Hare-Mofuta

0x00000006 (6)

Tunnel-Sehlopha-Id

0x00000051 (81)

Cisco / Audit-Session-Id

ac14e327000000c956140806

Acct-Session-Id

56140806/00:11:22:33:44:55/217

kopo ea auth ea test radius e rometsoe ka katleho. Etsa 'test aaa show radius' bakeng sa karabo

(Cisco Controller)> teko aaa show radius

Kopo ea Teko ea Radius

Wlan-id…………………………………………. 7

Lebitso la ApGroup……………………………….. sehlopha sa kamehla

Server Index………………………………….. 2

Radius Test Karabo

Seva ea Radius

Leka Boemo hape

————-

—–——

172.20.227.52

Katleho

Netefatso ea Karabo:

Khoutu ea Sephetho: Netefatso e hlolehile

Ha ho na AVPs ka Karabelo

(Cisco Controller)> debug aaa kaofela thusa

*emWeb: Oct 06 10:42:30.638: 00:11:22:33:44:55 Ho romela kopo ea Accounting (2) bakeng sa seteishene 00:11:22:33:44:55 *emWeb: Oct 06 10:42:30.638: 00:11:22:33:44:55 E thehiloe Cisco-Audit-Session-ID bakeng sa mohala: ac14e327000000c956140806 *aaaQueueReader: Oct.06 User10: 42 User30.639 ha e lumellane *aaaQueueReader: Oct 1 06:10:42: ReProcessAuthentication e fetileng proto 30.639, proto e latelang
40000001 *aaaQueueReader: Oct 06 10:42:30.639: AuthenticationKopo: 0x2b6bdc3c *aaaQueueReader: Oct 06 10:42:30.639: Callback……………………………………… Oct 0 101:740:06: protocolType………………………………10x42 *aaaQueueReader: Oct 30.639 0:40000001:06: proxyState………………….10:42:30.639:00:11:22:33:44:55:00:00:06:10:42:30.639:16:06:10:42:30.639:5:1:06 10 42:30.639:34: Pakete e na le li-AVP tse 73 (tse sa bontšoang) *aaaQueueReader: Oct 58 8:11:6: Ho kenya kopo ea quth ho qid 88, srv=index 96 *aaaQueueReader: Oct. 8thenti:5 Request 0:84:4:fd:5f:06:ba:10c:42:30.639:00c:e11:e22:33:e44:a55 *aaaQueueReader: Oct 4 172.20.227.52:1812:06: 10:42:30.639:00:11:22 Ho romela sephutheloana ho v33 ho moamoheli. 44:55 *aaaQueueReader: Oct 14 172.20.227.52:1812:XNUMX: XNUMX:XNUMX:XNUMX:XNUMX:XNUMX:XNUMX Phetisetso e atlehileng ea Phakete ea Tiiso (id XNUMX) ho ea ho XNUMX ho tloha ho seva sa XNUMX
queue 5, proxy state 00:11:22:33:44:55-00:00
… *radiusTransportThread: Oct 06 10:42:30.647: 00:11:22:33:44:55 Access-Reject e amohetswe ho tswa
RADIUSE

Ho lokisa liphoso ho Cisco Wireless Controllers 4

Ho lokisa liphoso ho Cisco Wireless Controllers

Tharollo ea mathata Litšebelisano tsa AAA RADIUS bakeng sa Tiiso ea WLAN

seva 172.20.227.52 bakeng sa selefouno 00:11:22:33:44:55 receiveId = 0 *radiusTransportThread: Oct 06 10:42:30.647: 00:11:22:33:44:55 Ho khutlisa Phoso ea AAA-4 bakeng sa mobile 'Authentication Failed' 00:11:22:33:44:55 *radiusTransportThread: Oct 06 10:42:30.647: AuthorizationResponse: 0x3eefd664 *radiusTransportThread: Oct 06 10:42:30.647: structure…………radih… Oct 92 06:10:42: resultCode………………………………..-30.647 *radiusTransportThread: Oct 4 06:10:42: protocolSed…………………………………………radiusTransportThread: 30.647 Oct. moemedi palo ea AVPs 0.

ExampLe: Seva ea AAA e sa arabeleng
(Cisco Controller) > leka aaa radius username user1 password C123 wlan-id 7 apgroup default-group server-index 3

Kopo ea Teko ea Radius

Wlan-id…………………………………………. 7

Lebitso la ApGroup……………………………….. sehlopha sa kamehla

Litšobotsi

Litekanyetso

———-

—-

User-Lebitso

mosebelisi1

Bitsa-Seteishene-Id

00:00:00:00:00:00:EngineeringV81

Calling-Station-Id

00:11:22:33:44:55

Nas-Port

0x0000000d (13)

Nas-Ip-Aterese

172.20.227.39

Sekhetho sa NAS

WLC5520

…

Tunnel-Sehlopha-Id

0x00000051 (81)

Cisco / Audit-Session-Id

ac14e327000000ca56140f7e

Acct-Session-Id

56140f7e/00:11:22:33:44:55/218

kopo ea auth ea test radius e rometsoe ka katleho. Etsa 'test aaa show radius' bakeng sa karabo

(Cisco Controller) > teko aaa show radius

taelo ea teko e fetileng e ntse e sa phethoa, leka ka mor'a nako e itseng

(Cisco Controller)> teko aaa show radius

Kopo ea Teko ea Radius

Wlan-id…………………………………………. 7

Lebitso la ApGroup……………………………….. sehlopha sa kamehla

Server Index………………………………….. 3

Radius Test Karabo

Seva ea Radius

Leka Boemo hape

————-

—–——

172.20.227.72

Ha ho karabo e fumanoeng ho tsoa ho seva

Netefatso ea Karabo:

Khoutu ea Sephetho: Ha ho karabo e amohetsoeng ho tsoa ho seva

Ha ho na AVPs ka Karabelo

(Cisco Controller)> debug aaa kaofela thusa

*emWeb: Oct 06 11:42:20.674: 00:11:22:33:44:55 Ho romela kopo ea Accounting (2) bakeng sa seteishene 00:11:22:33:44:55 *emWeb: Oct 06 11:42:20.674: 00:11:22:33:44:55 E thehile Cisco-Audit-Session-ID bakeng sa mohala:

ac14e327000000cc5614160c *aaaQueueReader: Oct 06 11:42:20.675: Bolelele ba phasewete ea mosebelisi1 ha bo tsamaellane *aaaQueueReader: Oct 06 11:42:20.675: Recessproto 8 PreviousProcessAuthentication

Ho lokisa liphoso ho Cisco Wireless Controllers 5

Tharollo ea mathata Litšebelisano tsa AAA RADIUS bakeng sa Tiiso ea WLAN

Ho lokisa liphoso ho Cisco Wireless Controllers

40000001 *aaaQueueReader: Oct 06 11:42:20.675: AuthenticationKopo: 0x2b6d2414 *aaaQueueReader: Oct 06 11:42:20.675: Callback……………………………………… Oct 0 101:740:06: protocolType………………………………11x42 *aaaQueueReader: Oct 20.675 0:40000001:06: proxyState………………………………………………………… 11 42:20.675:00: Pakete e na le li-AVP tse 11 (tse sa bontšoang) *aaaQueueReader: Oct 22 33:44:55: Ho kenya kopo ea quth ho qid 00, srv=index 00 *aaaQueueReader: Oct. 06thenticator: Oct. 11:42:a20.675:d16:06:cd:fb:11:ef:42:20.675d:d5:2:06:11e:42e *aaaQueueReader: Oct 20.675 03:95:5: 5:16:60:31:5:1 Ho romela pakete.
ho v4 moamoheli 172.20.227.72:1812 *aaaQueueReader: Oct 06 11:42:20.675: 00:11:22:33:44:55 Phetisetso e atlehileng ea Pakete ea Bopaki (id 3) ho isa ho 172.20.227.72ue1812 ho tloha ho 5 seva. proxy state 00:11:22:33:44:55-00:00 … *radiusTransportThread: Oct 06 11:42:22.789: 00:11:22:33:44:55 Fetisetsa hape 'Access-Kopo' (id 3) ho 172.20.227.72. 1812) e fihlile ho mobile 5:00:11:22:33:44. molaetsa o fetisetsoang cnt 55, seva e leka hape 1 *radiusTransportThread: Oct 15 06:11:42: 22.790:00:11:22:33:44 Ho romela pakete ho moamoheli oa v55 4:172.20.227.72 *radiusTransport1812 06:11:42: 22.790:00:11:22:33:44 Phetisetso e atlehileng ea Pakete ea netefatso (id 55) ho ea ho 3:172.20.227.72 ho tloha moleng oa seva 1812, proxy state
00:11:22:33:44:55-00:00 … *radiusTransportThread: Oct 06 11:42:33.991: 00:11:22:33:44:55 Max retransmit of Access-Request (id 3) ho 172.20.227.72 (1812) ho fihla ho mobile 5 (00) 11:22:33:44:55:6. molaetsa o fetisetsoang cnt 20, seva retransmit cnt 06 *radiusTransportThread: Oct 11 42:33.991:XNUMX: server_index e fanoa ka aaa radius ea teko
kopo. Eseng ho etsa phoso. *radiusTransportThread: Oct 06 11:42:33.991: 00:11:22:33:44:55 Max server (e lekile 1) phetisetso ea Access-Request (id 3) ho 172.20.227.72 (port 1812, qid 5)
mobile 00:11:22:33:44:55. molaetsa o fetisetsoang hape cnt 6, seva r *radiusTransportThread: Oct 06 11:42:33.991: 00:11:22:33:44:55:5 Ho khutlisa Phoso ea AAA 'Timeout' (-00) bakeng sa mobile 11:22:33:44:55:06hradius:Transport 11hradius* 42:33.991:0: AuthorizationResponse: 3x934eefe06 *radiusTransportThread: Oct 11 42:33.991:92: structureSize………………………………..06 *radiusTransportThread: Oct 11 42:33.991: resultCode……………………………..-5 *radiusTransportThread: Oct 06 11:42:33.991: protocolUsed…………………………………………………………………………………………………………………………… moemedi palo ea AVPs 0.
ExampLe: NAS ID
(Cisco Controller)> bonts'a sysinfo
Lebitso la Moetsi……………………………… Cisco Systems Inc. Lebitso la Sehlahisoa……………………………………. Phetolelo ea Sehlahisoa sa Cisco Controller …………………………………. 8.2.1.82 … System Nas-Id……………………………… WLC5520 WLC MIC Mefuta ea Setifikeiti sa WLC…………………………… SHA1
(Cisco Controller)> bonts'a sebopeho se qaqileng sa engineering_v81
Lebitso la Sehokelo…………………………….. engineering_v81 Aterese ea MAC……………………………….. 50:57:a8:c7:32:4f

Ho lokisa liphoso ho Cisco Wireless Controllers 6

Ho lokisa liphoso ho Cisco Wireless Controllers

Tharollo ea mathata Litšebelisano tsa AAA RADIUS bakeng sa Tiiso ea WLAN

IP Aterese…………………………………… 10.10.81.2 … NAS-Identifier……………………………….. v81-nas-id Active Physical Port………………………….. LAG (13) …

(Cisco Controller) > leka aaa radius username user1 password C123 wlan-id 7 apgroup default-group server-index 2

Kopo ea Teko ea Radius

Wlan-id…………………………………………. 7

Lebitso la ApGroup……………………………….. sehlopha sa kamehla

Litšobotsi

Litekanyetso

———-

—-

User-Lebitso

mosebelisi1

Bitsa-Seteishene-Id

00:00:00:00:00:00:EngineeringV81

Calling-Station-Id

00:11:22:33:44:55

Nas-Port

0x0000000d (13)

Nas-Ip-Aterese

172.20.227.39

Sekhetho sa NAS

v81-nas-id

Airespace / WLAN-Identifier

0x00000007 (7)

…

(Cisco Controller)> debug aaa kaofela thusa

*emWeb: Oct 06 13:54:52.543: 00:11:22:33:44:55 Ho romela kopo ea Accounting (2) bakeng sa seteishene 00:11:22:33:44:55 *emWeb: Oct 06 13:54:52.543: 00:11:22:33:44:55 E Thehile Cisco-Audit-Session-ID bakeng sa
mobile: ac14e327000000ce5614351c *aaaQueueReader: Oct 06 13:54:52.544: Bolelele ba phasewete ea mosebelisi1 ha bo tsamaellane *aaaQueueReader: Oct 06 13:54:52.544: RecationProcess8 nexttouthe
40000001 *aaaQueueReader: Oct 06 13:54:52.544: AuthenticationKopo: 0x2b6bf140 *aaaQueueReader: Oct 06 13:54:52.544: Callback…………………………………… Oct 0 101:740:06: protocolType………………………………13x54 *aaaQueueReader: Oct 52.544 0:40000001:06: proxyState………………….13:54:52.544:00:11:22:33:44:55:00:00:06:13:54:52.544:16:06:13:54 52.544 5:1:06: Pakete e na le li-AVP tse 13 (tse sa bontšoang) *aaaQueueReader: Oct 54 52.544:4:8: Ho kenya kopo ea quth ho qid 56, srv=index 9 *aaaQueueReader: Oct 8:7nti9:9 Request Aut.04:15 bc:e25:10e:cb:26:06b:e13:fe:b54:f52.544:a00:11:22:33:44:55 *aaaQueueReader: Oct XNUMX XNUMX:XNUMX:XNUMX: XNUMX:XNUMX:XNUMX:XNUMX:XNUMX:XNUMX Ho romela pakete.
ho v4 moamoheli 172.20.227.52:1812 *aaaQueueReader: Oct 06 13:54:52.544: 00:11:22:33:44:55 Phetisetso e atlehileng ea Pakete ea netefatso (id 16) ho isa ho 172.20.227.52 ho tloha ho seva sa 1812:XNUMX.
queue 5, proxy state 00:11:22:33:44:55-00:00 *aaaQueueReader: Oct 06 13:54:52.545: 00000000: 01 10 00 f9 bc e4 8e cb 56 b 9b
a9 04 ……..V……. *aaaQueueReader: Oct 06 13:54:52.545: 00000010: 15 25 10 26 01 07 75 73 65 72 31 1e 22 30
30 3a .%.&..user1.”00: *aaaQueueReader: Oct 06 13:54:52.545: 00000020: 30 30 3a 30 30 3a 30 30 3a 30 30 3 30 30
3a 45 00:00:00:00:00:E *aaaQueueReader: Oct 06 13:54:52.545: 00000030: 6e 67 69 6e 65 65 72 69 6e 67 56 38f
13 30 engineeringV81..0 *aaaQueueReader: Oct 06 13:54:52.545: 00000040: 30 3a 31 31 3a 32 32 3a 33 33 3a 34 34 3a
35 35 0:11:22:33:44:55 *aaaQueueReader: Oct 06 13:54:52.545: 00000050: 05 06 00 00 00 0d 04 06 ac 14 e3 27c 20
76 38 ………..'..v8 *aaaQueueReader: Oct 06 13:54:52.545: 00000060: 31 2d 6e 61 73 2d 69 64 1a 0c 00 00 37 63
01 06 1-nas-id….7c.. *aaaQueueReader: Oct 06 13:54:52.545: 00000070: 00 00 00 07 02 12 88 65 4b bf 0c 2c 86 6e
b0 c7 …….eK..,.n.. *aaaQueueReader: Oct 06 13:54:52.545: 00000080: 7a c1 67 fa 09 12 06 06 00 00 00 08 0c 06
00 00 zg …………….

Ho lokisa liphoso ho Cisco Wireless Controllers 7

Tharollo ea mathata Litšebelisano tsa AAA RADIUS bakeng sa Tiiso ea WLAN

Ho lokisa liphoso ho Cisco Wireless Controllers

*aaaQueueReader: Oct 06 13:54:52.545: 00000090: 05 14 3d 06 00 00 00 13 40 06 00 00 00 0d 41 06 ..=A..@…..
*aaaQueueReader: Oct 06 13:54:52.545: 000000a0: 00 00 00 06 51 04 38 31 1a 31 00 00 00 09 01 2b ….Q.81.1….
*aaaQueueReader: Oct 06 13:54:52.545: 000000b0: 61 75 64 69 74 2d 73 65 73 73 69 6f 6e 2d 69 64 audit-session-id
*aaaQueueReader: Oct 06 13:54:52.545: 000000c0: 3d 61 63 31 34 65 33 32 37 30 30 30 30 30 30 63 =ac14e327000000cXNUMX
*aaaQueueReader: Oct 06 13:54:52.545: 000000d0: 65 35 36 31 34 33 35 31 63 2c 20 35 36 31 34 33 e5614351c, 56143.
*aaaQueueReader: Oct 06 13:54:52.545: 000000e0: 35 31 63 2f 30 30 3a 31 31 3a 32 32 3a 33 33 3a 51c/00:11:22:
*aaaQueueReader: Oct 06 13:54:52.545: 000000f0: 34 34 3a 35 35 2f 32 32 34 44:55/224
*radiusTransportThread: Oct 06 13:54:52.560: 5.client sockfd 35 e setiloe. sebetsana le msg *radiusTransportThread: Oct 06 13:54:52.560: ****Kena processMelaetsa e Incoming: Re amohetse Karabo ea Radius (khoutu=3)

ExampLe: Ho fetola MAC Delimiter
(Cisco Controller) > leka aaa radius username user1 password Cisco123 wlan-id 7 apgroup default-group server-index 2

Kopo ea Teko ea Radius

Wlan-id…………………………………………. 7

Lebitso la ApGroup……………………………….. sehlopha sa kamehla

Litšobotsi

Litekanyetso

———-

—-

User-Lebitso

mosebelisi1

Bitsa-Seteishene-Id

00-00-00-00-00-00:EngineeringV81

Calling-Station-Id

00-11-22-33-44-55

Nas-Port

0x0000000d (13)

Nas-Ip-Aterese

0xac14e327 (-1407917273)

Sekhetho sa NAS

WLC5520

…

(Cisco Controller)> config radius auth mac-delimiter colon

(Cisco Controller)> leka aaa radius username user1 password

Cisco123 wlan-id 7 apgroup default-group server-index 2

Kopo ea Teko ea Radius

Wlan-id…………………………………………. 7

Lebitso la ApGroup……………………………….. sehlopha sa kamehla

Litšobotsi

Litekanyetso

———-

—-

User-Lebitso

mosebelisi1

Bitsa-Seteishene-Id

00:00:00:00:00:00:EngineeringV81

Calling-Station-Id

00:11:22:33:44:55

Nas-Port

0x0000000d (13)

…….

ExampLe: RADIUS Fallback
(Cisco Controller) > leka aaa radius username user1 phasewete Cisco123 wlan-id 7 apgroup default-group
Radius Test Request Wlan-id………………………………………. 7 ApGroup Name ……………………………….. default-group

Ho lokisa liphoso ho Cisco Wireless Controllers 8

Ho lokisa liphoso ho Cisco Wireless Controllers

Ho Utloisisa Debug Client ho Li-Wireless Controllers

Litšobotsi

Litekanyetso

———-

—-

User-Lebitso

mosebelisi1

Bitsa-Seteishene-Id

00:00:00:00:00:00:EngineeringV81

Calling-Station-Id

00:11:22:33:44:55

Nas-Port

0x0000000d (13)

Nas-Ip-Aterese

172.20.227.39

Sekhetho sa NAS

WLC5520

…

(Cisco Controller)> teko aaa show radius

Kopo ea Teko ea Radius

Wlan-id…………………………………………. 7

Lebitso la ApGroup……………………………….. sehlopha sa kamehla

Radius Test Karabo

Seva ea Radius

Leka Boemo hape

————-

—–——

172.20.227.62

Ha ho karabo e fumanoeng ho tsoa ho seva

172.20.227.52

Katleho

Netefatso ea Karabo:

Khoutu ea Sephetho: Katleho

Litšobotsi

Litekanyetso

———-

—-

User-Lebitso

mosebelisi1

…

Ho Utloisisa Debug Client ho Li-Wireless Controllers
Sebelisa sesebelisoa sa Wireless Debug Analyzer ho sekaseka tlhahiso ea moreki oa debug.

Ho nyenyefatsa bareki
U sebelisa molaoli, u ka hlakola bareki ho latela lebitso la bona la mosebelisi, aterese ea IP kapa aterese ea MAC. Haeba ho na le mananeo a mangata a bareki a nang le lebitso le le leng la mosebelisi, o ka hlakola linako tsohle tsa bareki ho latela lebitso la mosebelisi. Haeba ho na le liaterese tsa IP tse fetelletseng lihokelong tse fapaneng, u ka sebelisa aterese ea MAC ho hlakola bareki. Karolo ena e na le likaroloana tse latelang:
Deuthenticating Clients (GUI)

Tsamaiso

Mohato oa 1 Mohato oa 2 Mohato oa 3 Mohato oa 4

Khetha Tlhokomeliso > Bareki. Leqepheng la bareki, tlanya aterese ea MAC ea moreki. Leqepheng la Bareki > Lintlha tse hlahang, tobetsa Tlosa. Boloka tlhophiso.

Ho lokisa liphoso ho Cisco Wireless Controllers 9

Bareki ba netefalitsoeng (CLI)

Ho lokisa liphoso ho Cisco Wireless Controllers

Bareki ba netefalitsoeng (CLI)
Ts'ebetso · config client deauthenticate {mac-addr | ipv4-addr | ipv6-addr | lebitso la mosebelisi}
Ho sebelisa CLI ho Rarolla Mathata
Haeba u na le mathata leha e le afe ka molaoli oa hau, u ka sebelisa litaelo tse karolong ena ho bokella lintlha le ho rarolla mathata.
· Taelo ea debug e nolofalletsa ho rengoa ha litlhahlobo tsa liketsahalo tse itseng. Sephetho sa log se lebisitsoe ho seshene ea terminal eo ho eona ho kentsoeng taelo ea debug.
· Ke karolo e le 'ngoe feela ea ho lokisa bothata ka nako. Haeba terminal e le 'ngoe e na le ts'ebetso ea ho lokisa liphoso,' me taelo ea debug e kenngoa ho terminal e 'ngoe, seboka sa debug ho terminal ea pele ea felisoa.
· Ho tima debugs tsohle, sebelisa debug disable-all command. · Ho sefa li-debugs ho latela moreki kapa liaterese tsa AP MAC, sebelisa aterese ea mac addr mac-address.
laela. Ho fihlela ho liaterese tse 10 tsa MAC li tšehetsoa. · Qalong ea lenaneo la ho lokisa liphoso, ho tla hlaha molaetsa o bontšang lintlha tse latelang tsa sethala
nako ea ho lokisa bothata e ntse e qala: · Timestamp · Cisco controller model · Cisco release version · Nomoro ea serial · Hostname
Ts'ebetso · show process cpu: E bonts'a hore na mesebetsi e fapaneng ea sistimi e sebelisa CPU ka nako eo. Taelo ena e thusa ho utloisisa hore na mosebetsi ofe kapa ofe o le mong o laola CPU le ho thibela mesebetsi e meng hore e etsoe. Sebaka sa Bohlokoa se bontša litekanyetso tse peli: 1) ntho ea pele ea mosebetsi e entsoeng ke mohala oa sebele oa mosebetsi le 2) mosebetsi o tlang pele o arotsoeng ke mefuta e mengata ea lintho tse tlang pele tsamaisong. Sebaka sa Ts'ebeliso ea CPU se bonts'a ts'ebeliso ea CPU ea mosebetsi o itseng. Sebaka sa Reaper se bonts'a litekanyetso tse tharo: 1) nako eo mosebetsi o reriloeng ka eona ts'ebetsong ea mokhoa oa mosebedisi, 2) nako eo mosebetsi o reriloeng ka eona ts'ebetsong ea mokhoa oa tsamaiso, le 3) hore na mosebetsi o ntse o shebelloa ke mohlokomeli oa mosebetsi oa kotulo (e bontšitsoeng ke "T"). Haeba mosebetsi o ntse o shebelloa ke mohlokomeli oa mosebetsi oa bakotuli, tšimo ena e boetse e bontša boleng ba nako (ka metsotsoana) pele mosebetsi o hloka ho hlokomelisa setsebi sa mosebetsi.

Ho lokisa liphoso ho Cisco Wireless Controllers 10

Ho lokisa liphoso ho Cisco Wireless Controllers

Ho sebelisa CLI ho Rarolla Mathata

Hlokomela Haeba u batla ho bona kakaretso ea ts'ebeliso ea CPU joalo ka liperesentetage, kenya taelo ea show cpu.
· bonts'a memori ea ts'ebetso: E bonts'a kabo le phetisetso ea memori ho tsoa lits'ebetsong tse fapaneng tsa sistimi ka nako eo. Ka mohlalaampLe ka holimo, likarolo tse latelang li fana ka tlhahisoleseding: Sebaka sa Lebitso se bontša mesebetsi eo CPU e lokelang ho e etsa. Sebaka sa Bohlokoa se bontša litekanyetso tse peli: 1) ntho ea pele ea mosebetsi e entsoeng ke mohala oa sebele oa mosebetsi le 2) mosebetsi o tlang pele o arotsoeng ke mefuta e mengata ea lintho tse tlang pele tsamaisong. Sebaka sa BytesInUse se bonts'a palo ea 'nete ea li-byte tse sebelisoang ke kabo ea mohopolo e matla bakeng sa mosebetsi o itseng. Sebaka sa BlocksInUse se bontša likaroloana tsa memori tse abetsoeng ho etsa mosebetsi o itseng. Tšimo ea Reaper e bonts'a litekanyetso tse tharo: 1) nako eo mosebetsi o reriloeng ka eona ts'ebetsong ea mokhoa oa mosebelisi, 2) nako eo mosebetsi o reriloeng ka eona ts'ebetsong ea sistimi, le 3) hore na mosebetsi o ntse o shebelloa ke mohlokomeli oa mosebetsi oa kotulo (e bonts'itsoeng ke "T"). Haeba mosebetsi o ntse o shebelloa ke mohlokomeli oa mosebetsi oa bakotuli, tšimo ena e boetse e bontša boleng ba nako (ka metsotsoana) pele mosebetsi o hloka ho hlokomelisa setsebi sa mosebetsi.
· bonts'a tšehetso ea theknoloji: E bonts'a lintlha tse ngata tse amanang le boemo ba sistimi, ho kenyeletsoa tlhophiso ea hajoale, ho putlama ha ho qetela. file, ts'ebeliso ea CPU, le ts'ebeliso ea memori.
· show run-config: E bonts'a tlhophiso e felletseng ea molaoli. Ho qhelela ka thoko litlhophiso tsa tlhophiso ea sebaka sa phihlello, sebelisa taelo ea show run-config no-ap.
Hlokomela Haeba u batla ho bona li-password ka mongolo o hlakileng, kenya config passwd-cleartext enable command. Ho phethahatsa taelo ena, o tlameha ho kenya password ea admin. Taelo ena e sebetsa feela bakeng sa kopano ena. Ha e bolokoe ka mor'a ho qala bocha.
· bontša litaelo tsa "run-config": E bonts'a lenane la litaelo tse hlophisitsoeng ho molaoli. Taelo ena e bontša feela litekanyetso tseo u li lokisitseng. Ha e bontše boleng ba kamehla bo hlophisitsoeng.
· bonts'a config-histori ea ho rema lifate: Taelo ena e ntlafatsa tlhahiso ea taelo ea "run-config" ka ho hlahisa lintlha tse ling tse latelang: · Lethathamo la litaelo tse phethiloeng li hlophisoa ka tatellano ea liketsahalo le linako.amp. · ID ea mosebelisi · Log ea litaelo tse phethiloeng nakong ea hona joale le ho fihlela ho tse peli tse fetileng.
Lenane la histori le tlaleha litaelo tse fetotseng litlhophiso tsa molaoli. Litaelo tse latelang li tlalehiloe ho log:
· config · pholosa · fetisa · kenya
Ho lokisa liphoso ho Cisco Wireless Controllers 11

Mabaka a ka 'nang a etsa hore Taolo e Reset

Ho lokisa liphoso ho Cisco Wireless Controllers

· download · reset · clear
Palo ea log file e bolokiloe ho diag_bundle/configlog/configHistory foldareng ho molaoli. Khoasolla Sephutheloana sa Tšehetso ho view litaelo tse etsoang nakong ea hona joale le ho fihlela ho tse peli tse fetileng. Sheba Tlhophiso ea Uploading Files tlas'a khaolo ea Managing Configuration.
Hlokomela Tlaleho ea histori file e lekanyelitsoe ho likhakanyo tse 10240. Keno ea khale ka ho fetesisa e nkeloa sebaka ka mor'a hore likhakanyo li fete moeli oa 10240 ho tloha ha molaoli a qala.
Mabaka a ka 'nang a etsa hore Taolo e Reset
Karolo ena e thathamisa mabaka ohle a ka bang teng a ho seta botjha. · Reset e qalisoa ke mosebelisi · Ho qala bocha ka thata/ho sa tsejoe · Hlophisa bocha ka lebaka la ho senyeha ha mokhanni · Hlophisa bocha ka lebaka la kotsi ea DP · Peer-RMI, peer-RP le liheke tsa kamehla tsa tsamaiso lia fihlelleha · Balaoli ka bobeli ba sebetsa ka nako e tšoanangamp, rebooting secondary controller · Mandatory argument is missing for starting redundancy manager transport task · E hlolehile ho theha sokete ea ho buisana le methaka · E hlolehile ho theha sokete ea ho buisana le methaka ka sehokelo sa bobeli · E hlolehile ho tlama socket ho buisana le lithaka · E hlolehile ho tlama socket ho buisana le lithaka ka sehokelo sa bobeli · License count has not received from primary controller · Not reachby Standby has not received files ho tloha ho E sebetsang · Li-XML tse senyehileng li fetisitsoe ho tloha ho e sebetsang ho ea ho Standby · Li-XML tse senyehileng ho selaoli se sebetsang · Ho hloleha ha TFTP ea Standby · XML e ncha e jarollotsoe

Ho lokisa liphoso ho Cisco Wireless Controllers 12

Ho lokisa liphoso ho Cisco Wireless Controllers

Mabaka a ka 'nang a etsa hore Taolo e Reset

· Kopo e sebetsang ho Standby · Ho hloleha ha Standby IPC · Setifikeiti se kentsoeng ho molaoli oa Standby · Khang e tlamang ho qala mosebetsi oa bo-dundancy manager ping ha o eo · Self sanity check hlolehile; balaoli ka bobeli ba maemong a tlhokomelo · Ho itlhahloba ho hlolehile; maemong a tlhokomelo hobane balaoli ka bobeli ba ne ba le mafolofolo · Ho itlhahloba ho hloleha ho hloleha; molaoli oa hona joale o ile a qala ho sebetsa pele lithaka li qala hape · Mosebelisi o qalile ho seta bocha · Phetisetso ea XML e qalile empa puisano ea karolo ha ea ka ea etsoa · Nako ea nako ea IPC e etsahetse ka makhetlo a mangata · Nako ea nako ea tsebiso e etsahetse · Tlhahlobo ea lithaka e hlōlehile · E sebetsa e theohile, Boemo ha bo e-s'o itokisetse ho nka sebaka · Configuration out of sync · Configuration download failure · Ha ho na letho la li-ports tsa RF tse hokahaneng. nako ea keepalive · Nako ea tsebiso ea lithaka · Nako ea sync ea lithaka · Tsoelo-pele ea lithaka e hlōlehile · Keiti ea kamehla e emeng ha e fihlellehe · Tsela e sebetsang ea kamehla ha e fihlellehe · Sehokelo sa taolo ea Redundancy le boema-kepe ba redundancy bo theohile · Boema-kepe ba Redundancy bo theohile · Sehokelo sa taolo ea Redundancy se theohile · Nako e emeng e felile · Nako e felileng · Nako ea nako e sebetsang · Palo ea laesense ha e amoheloe ho tloha ho Certificate Control ho ea ho XML E sebetsa ho Standby e hlolehile

Ho lokisa liphoso ho Cisco Wireless Controllers 13

Mabaka a ka 'nang a etsa hore Taolo e Reset

Ho lokisa liphoso ho Cisco Wireless Controllers

· Redundant pair e nka karolo e tšoanang · O ile a hloleha ho theha redundancy manager semaphore · O ile a hloleha ho theha redundancy manager keepalive task · O ile a hloleha ho theha mosebetsi o ka sehloohong oa mookameli oa mosebetsi · O hlolehile ho theha mola oa molaetsa oa mookameli oa mosebetsi · O hlolehile ho qala mosebetsi oa lipalangoang tsa mookameli oa mosebetsi · Controller ha a boemong bo nepahetseng bakeng sa nako e telele ho feta kamoo ho neng ho lebeletsoe · Khang e tlamang e haelloa ke ho romela molaetsa oa lehlabathe ho ea pele · Ho bopa mosebetsi o ka sehloohong oa mosebetsi o ka sehloohong. timer ho romela molaetsa oa puisano ea karolo · E hlolehile ho theha sebali sa nako ho romella melaetsa ho lithaka · E hlolehile ho theha nako ea ho sebetsana le nako ea puisano ea karolo e kholo · Khang e tlamang ho qala mosebetsi oa keepalive ha e eo · E hlolehile ho theha semaphore e sebelisetsoang ho romella melaetsa ea keepalive · Reset ka lebaka la config download · Watchdog reset · Lebaka le sa tsejoeng la reset

Ho lokisa liphoso ho Cisco Wireless Controllers 14

Litokomane / Lisebelisoa

CISCO WLC5520 Wireless Controllers [pdf] Bukana ea Mosebelisi
WLC5520, WLC5520 Wireless Controllers, Balaoli ba se nang Waele, Balaoli

Litšupiso

Bukana ea Mosebelisi

WLC5520 Wireless Controllers

Tlhahisoleseding ya Sehlahiswa

Litlhaloso:

Litaelo tsa Tšebeliso ea Sehlahisoa

Mohato oa 1: Tharollo ea mathata Litšebelisano tsa AAA RADIUS bakeng sa WLAN
Netefatso

Hata 2: Ho lokisa liphoso ho Cisco Wireless Controllers

Example: Phihlello e Amohetse

ExampLe: Phihlello e hlolehile

LBH

P: Nka rarolla mathata a netefatso joang ho Cisco
Li-controller tse se nang mohala?

P: Ke lokela ho etsa eng haeba kopo ea ka ea netefatso e hloleha?

Litokomane / Lisebelisoa

Litšupiso

Tlohela maikutlo

Hlakola karabo

WLC5520 Wireless Controllers

Tlhahisoleseding ya Sehlahiswa

Litlhaloso:

Litaelo tsa Tšebeliso ea Sehlahisoa

Mohato oa 1: Tharollo ea mathata Litšebelisano tsa AAA RADIUS bakeng sa WLAN Netefatso

Hata 2: Ho lokisa liphoso ho Cisco Wireless Controllers

Example: Phihlello e Amohetse

ExampLe: Phihlello e hlolehile

LBH

P: Nka rarolla mathata a netefatso joang ho Cisco Li-controller tse se nang mohala?

P: Ke lokela ho etsa eng haeba kopo ea ka ea netefatso e hloleha?

Litokomane / Lisebelisoa

Litšupiso

Tlohela maikutlo

Hlakola karabo

Mohato oa 1: Tharollo ea mathata Litšebelisano tsa AAA RADIUS bakeng sa WLAN
Netefatso

P: Nka rarolla mathata a netefatso joang ho Cisco
Li-controller tse se nang mohala?