Buy or Renew
Buy or Renew
Cisco Virtual Engineer generative AI bot now active in Wireless Discussion Forum. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
560
Views
0
Helpful
2
Replies

Cisco LWAPP PEAP username and machine authentication

mark.cronin
Level 2
Level 2

‎10-17-2008 02:26 AM - edited ‎07-03-2021 04:38 PM

Hi

I have configured my Cisco wireless network to use Windows AD username and machine authentication. When I use my laptop with a Cisco AIR-CB21AG-E-K9 cardbus adapter I can see in the Cisco ACS 4.1 passed authentication logs that both the machine and my username have authenticated against Windows active directory.

When I login with a laptop with an Intel wireless adapter I can only see the machine hostname authenticating. I am also able to login with a local account on the laptop.

From documentation I believe the Wireless client should provide both machine and username authentication.

There is probably a configuration error on the WLC or ACS.

Any thoughts

Mark

Labels:
0 Helpful
2 Replies 2

hadbou
Level 5
Level 5

‎10-23-2008 02:15 PM

Check if the Wireless EAP group policy has been configured to allow wireless devices (Laptop) to perform user and machine authentication. Configure the EAP Group policy as "user re-authentication”. This will solve the issue.

0 Helpful

zhenningx
Level 4
Level 4

‎10-24-2008 08:51 AM

I have seen the same problem. TAC told me that WLC won't generate two accounting-start for the same user session. So if the WLC generates accounting-start for machine name, it won't gerenate another accounting-start for username.

Zhenning

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card