CAR 4.1, External ODBC DB and eap-ttls, configuration

cpinal · ‎08-29-2007

I?m trying to authenticate users with an external ORACLE data base and implementing eap-ttls to validate users with CAR 4.1 server but I still can?t have a successful request, so I decide to follow the steeps cisco documentation have to implement eap-ttls in CAR 4.1 with local users and the result was the same, I haven?t an successful request again, so at this moment have the doubt I is a problem in my configuration or if CAR really does support eap-ttls, specially with external data bases, does anyone has implemented something similar or know an example that shows if this implementation is possible ???

I really appreciate any suggestion or guide

thomas.chen · ‎09-05-2007

You should check if you have defined a service that defines which method you use to look up user records, e.g. one of local, odbc, domain-auth, ldap, rex or java. For example, check if you already have a service called "local-file" to look up users in the local database. If you have recently upgraed CAR form a lower version then the problem may be due to licence issues and you should renew your licence.

pvelappa · ‎09-12-2007

Cisco Access Registrar supports EAP-TTLS with internal as well as external LDAP/ORACLE database.

[In AR4.1, you might get a validation error when you try to configure a odbc or ldap service as the inner method. This is a validation issue with AR CLI and can be worked-around.]

You have mentioned that you could not get TTLS service up using local database as well.

Double check your configuration and make sure that you have updated licenses.

http://www.cisco.com/univercd/cc/td/doc/product/rtrmgmt/cnsar/4_1/users/eap.htm

AR trace messages captured at level 5 should give a clue as to why authentication is failing.