We are trying to define a standard design for Wifi connectivity of our Internal users. Our users are using Windows XP and we would like that they authenticate using their RSA token. We are using LAP1131 and 4402 WLAN controllers.
We configured on the controller a WLAN SSID with as layer 2 security WPA and 802.1x authentication. As Radius server we are using a Ciscosecure server ACS 4.0.
On the Ciscosecure we generated a self-signed certificate.
The ACS uses the RSA token server as external DB for users authentication.
Since Windows XP doesn't support PEAP with OTP, we installed the Cisco Secure Services client (CSSC) on the client PC. We configured the CSSC for EAP-GTC tunneled into PEAP.
With this config in place, authentication still fails with in the ACS logs as error message: "External DB password invalid"
I am using an Intel(R) PRO/Wireless LAN 2100 3B Mini PCI Adapter on my laptop. Could the problem be linked to a hardware limitation?