Re: Cisco 1200 Series WAP - EAP

From: Paul Kingston (paul@vixtro.com)
Date: Thu May 12 2005 - 07:38:05 GMT-3

• Next message: Marakalas: "ISIS over Frame Relay"
• Previous message: stephen skinner: "Re: Hey Ccielab ;)"
• Maybe in reply to: Paul Kingston: "Cisco 1200 Series WAP - EAP"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Hi James,

On the WAP I used the "test aaa ....." command and the authentication with
the windows database was successful and the user was automatically places in
ACS.
I have setup a "Web Server" certificate on the CA Server and with windows
2003 the certificate needs to be duplicated and imported before a
certificate can be requested.

TAC said that Cisco's version of PEAP was required if the unknown user
"external??" database was used. Did you get non Cisco client cards to
Authenticate on the network?
If you are using External database and non Cisco client cards please let me
know.

(PEAP MS CHAP v2) is shown not to work by Cisco:
http://www.cisco.com/univercd/cc/td/doc/product/access/acs_soft/csacs4nt/acs33/user/o.htm#wp801135

Regards,

Paul

NOTICE: The information contained in this email is confidential. If you
are not the intended recipient, you must not disclose or use the information
in this email in any way. If you received it in error, please tell us
immediately by return email and delete the document. We do not guarantee
the integrity of any emails or attached files and are not responsible for
any changes made to them by any other person.

Where were we 10 years ago, where will we be in 10 years time, whatever the
dream may be the only way there is NOW!"
----- Original Message -----
From: "Keane, James" <James.Keane@agriculture.gov.ie>
To: "Paul Kingston" <paul@vixtro.com>
Sent: Thursday, May 12, 2005 8:14 PM
Subject: RE: Cisco 1200 Series WAP - EAP

I have set up Cisco ACS v3.2 with 1200 WAP using Cisco Aironet client
I used certificates, installed a cert on the client, cert on the ACS
I made a static user on the ACS that I configured on the client.

I also used a certificate authority that is locally setup.

Just configure the unkown user database mapping to pass that authentication
onto win2000 or 2003

-----Original Message-----
From: Paul Kingston [mailto:paul@vixtro.com]
Sent: 12 May 2005 10:52
To: ccielab@groupstudy.com
Subject: Cisco 1200 Series WAP - EAP

Hello,

Has anyone set up the Cisco 1200 Series WAPs with EAP?

Windows LDAP <------ Cisco ACS v3.3 (CA Certificate Server) <----------
Cisco
1200 WAP <----------- Wireless Client

I can not seem to get PEAP to work.

The ACS v3.3 server is running windows 2003 enterprise to duplicate and
allow
the import of certificates as shown on TAC/CCO.
Authentication Fails.

Regards,

Paul

• Next message: Marakalas: "ISIS over Frame Relay"
• Previous message: stephen skinner: "Re: Hey Ccielab ;)"
• Maybe in reply to: Paul Kingston: "Cisco 1200 Series WAP - EAP"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Fri Jun 03 2005 - 10:11:57 GMT-3