Questions about EAP-FAST

Unanswered Question
Apr 30th, 2008

I'm looking for some really good documentation on EAP-FAST. I have it running in a small production scenario right now so that I can conduct user trials. Links to good documentation would be appreciated or direct answers if you have them.

My Setup:

3750G switch with built-in controller (v.5.0.148.0)

4 * 1130AG access points

Cisco Secure ACS v3.3

Cisco PI21AG clients

Intel 4965AGN clients

My Issues:

1) Is there a way to disable the prompt that asks a user if they want to accept the PAC? There is no good reason to select "no".

2) When a user logs onto a machine for the first time the EAP-FAST authentication completes successfully and as soon as the desktop is diplayed, it goes through EAP-FAST authentication again. Subsequent logons by a user are fine. Why is this happening twice for first time users?

3) The answer for this question may explain #2. While checking the logs on my ACS server, "EAP-FAST user was provisioned with new PAC" gets displayed in Failed Attempts for a first time user.

4) Is there a way to do a machine PAC rather than 1 for each user?

5) when I checked my PACs using the Cisco ADU some of them are RED while the rest are GREEN. What does this mean?

Thanks in advance for your help.

Bruno

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 2 (1 ratings)
Loading.

Actions

This Discussion

 

 

Trending Topics - Security & Network