Buy or Renew
Buy or Renew
Cisco Virtual Engineer generative AI bot now active in Wireless Discussion Forum. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
367
Views
0
Helpful
1
Replies

Authentication issue with ACS (PEAP with MS CHAPv2)

ciscoprolin
Level 1
Level 1

‎08-10-2007 06:49 AM - edited ‎07-03-2021 02:28 PM

Dear friends,

we have a Cisco ACS 4.1 and as long as we worked with EAP-FAST we had no problems. For Security reasons it was decided we switch to PEAP with MS-CHAPv2 for the inner authentication.

We installed a PKI Server Certificate on the ACS Server without any problems and then exported the ACS Radius Server Certificate along with the CA Certificates to the Clients Certificate Store. But the client just does not authenticate against the ACS Server with PEAP as soon as we enable "validate Server Certificate" (with validate Server Certificate disabled it works perfrectly). Can you help us ? Thanks so much. We use the ACS internal Database.

Labels:
0 Helpful
1 Reply 1

Jagdeep Gambhir
Level 10
Level 10

‎08-10-2007 07:16 AM

If you click validate server cert, then you need to have CA installed on the client.

Since you dont have CA installed that is why its not working.

Regards

~JG

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card