ACS 3.3 PEAP authentication problem

Unanswered Question


We're running ACS 3.3 on a Windows 2003 server. We're using this server for Radius and integrating a Windows database.

Our wireless clients use PEAP to authenticate.

Suddenly none of our wireless clients can authenticate throughout our enterprise, which is turning out to be quite a serious problem.

Our configuration hasn't changed. I'm wondering if something happened to our certificate. We're using a self signed certificate that we generated via ACS.

Can I simply issue a new cert via ACS and see what happens?

I'm really in a bind right now.


I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4.8 (5 ratings)
Jagdeep Gambhir Fri, 06/20/2008 - 06:32

Self sign certs are only valid of one year. Since all wireless users cant connect, I believe that ACS cert has expired.

Please go ahead and install new SSCert.



Do rate helpful posts

Hello JG,

You are correct, thanks. Just paranoid, I guess.

In the ACS System Configuration to generate a new self signed cert, I want to make sure I don't need to change the any of the fields that are already entered. It looks like I just need to enter the private key password, and then check the box to "Install generated Certificate", and submit.



Jagdeep Gambhir Fri, 06/20/2008 - 14:11


Please check your group mapping. It may be possible that user is getting mapped to disabled group.

If that is not the issue then we need to see auth.log , that will tell us what is the reason for failure.

Increase the loggin level to full and recreate the issue and see auth.log




This Discussion