windows PEAP with MS-CHAPV2 and Novell edirectory ??

Unanswered Question
Jun 1st, 2007

I have a wireless with Cisco aironet, ACS and user database is Novell edirectory. I found when I use windows PEAP with MSCHAPV2 the authentication failed, if use GTC it success.

I checked cisco site looks like Novell edirectory does not support windows PEAP with MS-CHAP authentication? is it right?

Is any solution for this? I would like to use windows wireless client with PEAP. otherwise i have to install third-part wireless client to support GTC.


Thanks.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4 (1 ratings)
Loading.
didyap Thu, 06/07/2007 - 13:20

Novell diectory does not support windows PEAP with MS-CHAP authentication

essen Thu, 06/07/2007 - 16:45

Hi,


Yes, thats correctly understood, the old way of handling this was to buy client software (former Oddyssey or Aegis) Today that software is Cisco Secure Services Client if you want EAP-GTC support. Otherwise the most viable solution today would be to use the Novell Client32 with 802.1x support through XP supplicant and then run "FreeRadius" for the connection to Novell. That is a special solution developed by Novell together with Free Radius. The Radius server in this case will "translate" between the LDAP database eDirectory and the supplicant running EAP-MSCHAPv2. Drawback is that the Novell Client32 with 802.1x support is still in beta a few more months.


Good luck,

Richard

daniel.marza Tue, 07/17/2007 - 02:36

Hi,


Did you make it work with a Token server or may it work with user/password credentials?

pharandst Thu, 01/03/2008 - 09:04

Is this still in beta and has anyone tested it with Novell SUSELinux yet?

Actions

This Discussion

 

 

Trending Topics - Security & Network