Hi,

I have a Hermes unit running WM6 Black edition 2.5 and I can connect to my corporate WIFI WPA2 PSK + AES network without any problem. The issue I'm having is with a Trinity unit running WM6 LVSW_Trinity_WM6_v2.0.0.7 (2007-05-19), I can't log on :(


Are there any known issues ? Is this a software problem or could it be hardware related ?

Regards,

John Gillespie

Hello,

I have installed the two WM6 images and no problem to connect to WPA AES and TKIP Wifi Networks
We have Cisco AP's What do you have on your site? could be an incompatibility of your AP's
At home I have a Fortinet 60 Wifi Firewall with WPA PSK, AES Encryption

Roman

My Trinity is using WPA2 and AES, it works very well

Hello,

I have installed the two WM6 images and no problem to connect to WPA AES and TKIP Wifi Networks
We have Cisco AP's What do you have on your site? could be an incompatibility of your AP's
At home I have a Fortinet 60 Wifi Firewall with WPA PSK, AES Encryption

Roman

We use Cisco AP's too.


My Trinity is using WPA2 and AES, it works very well

Which rom are you using ?

My trinity didn't connect to my network(wifi wpa..) because I had spaces in ma key,with key without spaces not problem! It's can be the same problem!
(sorry for my bad english)

We use Cisco AP's too.
Which rom are you using ?

I think my signature tells you that :rolleyes:

thanks, I'll try it

We use the
System Software Version: 12.3(2)JA2
Bootloader Version: 12.2(8)JA

Here is our Config for WPA2 and WEP 128bit...
The Radius EAP-TLS Config is on an other Site in Crans-Montana i will post it when i'm up there.... :-)

!
version 12.3
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname Clarens_5th-Floor
!
!
username Cisco password 7 xxxxxxxxxxxx
username Admin privilege 15 password 7 xxxxxxxxxxxxxxxxxxxxxx
ip subnet-zero
!
aaa new-model
!
!
aaa group server radius rad_eap
!
aaa group server radius rad_mac
!
aaa group server radius rad_acct
!
aaa group server radius rad_admin
!
aaa group server tacacs+ tac_admin
!
aaa group server radius rad_pmip
!
aaa group server radius dummy
!
aaa authentication login default local
aaa authentication login eap_methods group rad_eap
aaa authentication login mac_methods local
aaa authorization exec default local
aaa accounting network acct_methods start-stop group rad_acct
aaa session-id common
dot11 vlan-name HDSK vlan 120
dot11 vlan-name Mgmt vlan 254
dot11 vlan-name OldWEP vlan 199
dot11 vlan-name Staff vlan 119
dot11 vlan-name UserBatim1 vlan 31
dot11 vlan-name UserBatim2 vlan 32
!
!
bridge irb
!
!
interface Dot11Radio0
no ip address
no ip route-cache
!
encryption vlan 199 key 1 size 128bit 7 xxxxxxxxxxxxxxxxxxxxxxxxxxxx transmit-key
encryption vlan 199 mode wep mandatory
!
encryption vlan 120 mode ciphers aes-ccm
!
encryption vlan 119 mode ciphers aes-ccm
!
encryption vlan 31 mode ciphers aes-ccm
!
encryption vlan 32 mode ciphers aes-ccm
!
encryption vlan 33 key 1 size 128bit 7 xxxxxxxxxxxxxxxxxxxxxxxxxxxx transmit-key
encryption vlan 33 mode wep mandatory
!
ssid GIHE
vlan 199
authentication open
mobility network-id 199
information-element ssidl advertisement
!
ssid HDSK
vlan 120
authentication open
authentication key-management wpa
mobility network-id 120
wpa-psk ascii 7 xxxxxxxxxxxxxxxxxxxxxxxxxxxx
information-element ssidl advertisement
!
ssid LAUVISIT
vlan 33
authentication open
guest-mode
mobility network-id 33
!
ssid Staff
vlan 119
authentication open
authentication key-management wpa
mobility network-id 119
wpa-psk ascii 7 xxxxxxxxxxxxxxxxxxxxxxxxxxxx
information-element ssidl advertisement
!
ssid Students
vlan 32
authentication open
authentication key-management wpa
mobility network-id 32
wpa-psk ascii 7 xxxxxxxxxxxxxxxxxxxxxxxxxxxx
information-element ssidl advertisement
!
short-slot-time
speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0 54.0
channel 2437
station-role root
world-mode dot11d country CH both
!
interface Dot11Radio0.31
encapsulation dot1Q 31
no ip route-cache
bridge-group 31
bridge-group 31 subscriber-loop-control
bridge-group 31 block-unknown-source
no bridge-group 31 source-learning
no bridge-group 31 unicast-flooding
bridge-group 31 spanning-disabled
!
interface Dot11Radio0.32
encapsulation dot1Q 32
no ip route-cache
bridge-group 32
bridge-group 32 subscriber-loop-control
bridge-group 32 block-unknown-source
no bridge-group 32 source-learning
no bridge-group 32 unicast-flooding
bridge-group 32 spanning-disabled
!
interface Dot11Radio0.33
encapsulation dot1Q 33
no ip route-cache
bridge-group 33
bridge-group 33 subscriber-loop-control
bridge-group 33 block-unknown-source
no bridge-group 33 source-learning
no bridge-group 33 unicast-flooding
bridge-group 33 spanning-disabled
!
interface Dot11Radio0.119
encapsulation dot1Q 119
no ip route-cache
bridge-group 119
bridge-group 119 subscriber-loop-control
bridge-group 119 block-unknown-source
no bridge-group 119 source-learning
no bridge-group 119 unicast-flooding
bridge-group 119 spanning-disabled
!
interface Dot11Radio0.120
encapsulation dot1Q 120
no ip route-cache
bridge-group 120
bridge-group 120 subscriber-loop-control
bridge-group 120 block-unknown-source
no bridge-group 120 source-learning
no bridge-group 120 unicast-flooding
bridge-group 120 spanning-disabled
!
interface Dot11Radio0.199
encapsulation dot1Q 199
no ip route-cache
bridge-group 199
bridge-group 199 subscriber-loop-control
bridge-group 199 block-unknown-source
no bridge-group 199 source-learning
no bridge-group 199 unicast-flooding
bridge-group 199 spanning-disabled
!
interface Dot11Radio0.254
encapsulation dot1Q 254 native
no ip route-cache
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
bridge-group 1 spanning-disabled
!
interface FastEthernet0
no ip address
no ip route-cache
duplex auto
speed auto
!
interface FastEthernet0.31
encapsulation dot1Q 31
no ip route-cache
bridge-group 31
no bridge-group 31 source-learning
bridge-group 31 spanning-disabled
!
interface FastEthernet0.32
encapsulation dot1Q 32
no ip route-cache
bridge-group 32
no bridge-group 32 source-learning
bridge-group 32 spanning-disabled
!
interface FastEthernet0.33
encapsulation dot1Q 33
no ip route-cache
bridge-group 33
no bridge-group 33 source-learning
bridge-group 33 spanning-disabled
!
interface FastEthernet0.119
encapsulation dot1Q 119
no ip route-cache
bridge-group 119
no bridge-group 119 source-learning
bridge-group 119 spanning-disabled
!
interface FastEthernet0.120
encapsulation dot1Q 120
no ip route-cache
bridge-group 120
no bridge-group 120 source-learning
bridge-group 120 spanning-disabled
!
interface FastEthernet0.199
encapsulation dot1Q 199
no ip route-cache
bridge-group 199
no bridge-group 199 source-learning
bridge-group 199 spanning-disabled
!
interface FastEthernet0.254
encapsulation dot1Q 254 native
no ip route-cache
bridge-group 1
no bridge-group 1 source-learning
bridge-group 1 spanning-disabled
!
interface BVI1
ip address 10.3.10.100 255.255.255.0
no ip route-cache
!
ip default-gateway 10.3.10.1
ip http server
ip http authentication aaa
no ip http secure-server
ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag
ip radius source-interface BVI1
!
ip access-list extended DG_Access
deny ip 10.3.3.0 0.0.0.255 10.3.3.0 0.0.0.255
deny ip 0.0.0.0 255.255.255.0 any
deny ip 0.0.0.0 255.255.255.0 0.0.0.1 255.255.255.0
permit ip any any
logging snmp-trap emergencies
logging snmp-trap alerts
logging snmp-trap critical
logging snmp-trap errors
logging snmp-trap warnings
radius-server attribute 32 include-in-access-req format %h
radius-server vsa send accounting
bridge 1 route ip
!
!
!
line con 0
transport preferred all
transport output all
line vty 0 4
transport preferred all
transport input all
transport output all
line vty 5 15
transport preferred all
transport input all
transport output all
!
end

Thanks for that info but it isn't a problem with the AP's since I can log on from my HTC HERMES unit running WM6 Black Edition.

I think my signature tells you that :rolleyes:

I have now upgraded to the same os and radio rom as you but I still can't log on to my wifi AP's :(

any idea what could be wrong ? are you sure that you are using WPA2 PSK + AES ?

Mine's a Trinity running the same image and my wireless network is on a WPA2log's on fine. Have a look at your router as some have a new version of the WPA encription this mite be why you are having troubles.

I'm use HP6828, My device Wi-Fi isn't support PKS-AES,
Who can tell me how to support it, thanks