Cisco Secure ACS 1113 Appliance V4.0 - Machine Authentication

Unanswered Question
Feb 1st, 2007

I am testing a Cisco ACS 1113 Appliance V4.0 for Wireless LAN Authentication. I have installed the Windows Agent on a Windows 2003 Active Directory Server, and I have installed a Certificate on the ACS and intend to use PEAP.

Has anybody been able to get Machine Authentication to work using the 1113 ACS Appliance?

Looking at the Windows security logs it looks like the server is seeing a machine called "CISCO" trying to authenticate. I believe this is the ACS.

amrkrish Fri, 02/09/2007 - 22:50

For ACS to perform Windows authentications we need to specify a workstation name.

In AD, the user should have access to all computers.

OR

A computer account named CISCO should exist.

All users that Windows will authenticate have permission to log in to the computer named CISCO.

ACS shows an error message only when the user tries to log in from a workstation he has no permission to log on to.

If you are using ACS 4.1 this link will be useful.

http://www.cisco.com/en/US/products/sw/secursw/ps2086/products_installation_guide_chapter09186a008070a63c.html#wp1041202

We need to enable PEAP machine authentication inside ACS Windows Authentication Configuration.

mark.cronin Mon, 02/12/2007 - 08:14

Just to clarify

When a Windows Administrator looks in his/her security logs it will appear that multiple wireless users are logging in to the same Machine "CISCO".

Is this correct?

When machine authentication is configured the Windows Administrator will see the Machine account authenticate against AD. The password for the machine account is created when the Machine joined the Windows domain.

Is this correct?

Does creating the machine account CISCO represent a security risk?

amrkrish Wed, 02/14/2007 - 03:50

The Windows Administrator sees multiple wireless users logging in to the same Machine "CISCO".

As far as I know there have been no security incidents related to this.
