I'm in charge of setting up a WLAN for macintosh and windows computers that are not managed by the local staff. The goal is to provide access to local servers. At first we went for a webvpn on an ASA, but it currently does not support Macs.
So I'm trying to setup a username/password authentication against LDAP with some kind MACOS free radius.
The WLC is configured like that :
wlan create 1 wifi-intranet.fonctionnaires wifi-intranet.fonctionnaires
wlan aaa-override enable 1
wlan radius_server auth add 1 1
wlan security static-wep-key encryption 1 104 <mode unknown> <passwd hidden> 1
wlan security wpa wpa1 enable 1
wlan security wpa wpa1 ciphers tkip enable 1
wlan enable 1
The freeradius has a self signed certificate, the mac users get prompted to trust that certificate, then authenticate with ldap credentials and it works just fine.
The windows computer is stuck on 'eap,request identity'. It just doesn't go any further.
It is configured as in the configuration guides for PEAP with WLC and ACS.
To summarize, authenticate windows computers with an ldap username/password, without other supplicant than the one provided with XP sp1.
The radius is a mac product named Elektron.
The wlan runs on a WLC4402 with 1130 AP's.