Security, WIDS/WIPS and Aruba ECS

Reply
Occasional Contributor II
Posts: 10
Registered: ‎01-19-2010

Cisco 7920 IP Phone and MAC Authentication

Does anyone know the right settings to use for internal DB mac Authentication in 3.4 to allow cisco wireless IP phones to work? I see the device show up and get "deny" role immediately as it doesn't seem to even pass a username on to the controller at all. I've tried a number of different username/password combinations to no avail (these are combinations I've set up in the internal DB hoping to get it to work).

The device does work just fine on the Aironet 1200, not sure why it won't work on the AP105. I've tried doing PC MAC auth on the same virtual AP and that works fine, giving an IP address and dropping into the right role. in that case I just put in the MAC of my pc wifi card with no colons and all lowercase for both username and pass and it worked. But it seems no matter what combination I try with this 7920 it won't login and finish auth successfully.

Any ideas?

TIA
Guru Elite
Posts: 19,946
Registered: ‎03-29-2007

Logging Level Debug User


Does anyone know the right settings to use for internal DB mac Authentication in 3.4 to allow cisco wireless IP phones to work? I see the device show up and get "deny" role immediately as it doesn't seem to even pass a username on to the controller at all. I've tried a number of different username/password combinations to no avail (these are combinations I've set up in the internal DB hoping to get it to work).

The device does work just fine on the Aironet 1200, not sure why it won't work on the AP105. I've tried doing PC MAC auth on the same virtual AP and that works fine, giving an IP address and dropping into the right role. in that case I just put in the MAC of my pc wifi card with no colons and all lowercase for both username and pass and it worked. But it seems no matter what combination I try with this 7920 it won't login and finish auth successfully.

Any ideas?

TIA




You should turn on user debugging:

config t
logging level debug user

Then you should try to get that client to associate, and then do "show log user " to see why it is not working.
Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Validated Reference Design Guides : http://community.arubanetworks.com/t5/Validated-Reference-Design/tkb-p/Aruba-VRDs
Search Airheads
Showing results for 
Search instead for 
Did you mean: