Secure wireless and generic ldap

Unanswered Question
Dec 17th, 2008

Hi All,

I'm looking into setting up a secure wireless network and can't seem to find a good fit with environment we have.



ACS 4.1

Generic ldap

95% of laptops use built in Windows XP(SP3) configuration tool.

I can get everything working fine with Dell Wireless Utility or Intel utility in XP, Vista built in or 3rd party client but I CAN'T seem to get Windows XP built in client to work with anything.

I read the EAP Authentication Protocol and User Database Compatibility document and found out that I can use EAP-GTC, EAP-FAST phase 2 and EAP-TLS.

I'm looking into the most seamless way for our users to connect and taking "20 minutes" to configure their network card isn't a really good option.

Any ideas or suggestion (something I'm missing) would be greatly appreciated.


I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
CFayNTAdmin83 Thu, 12/18/2008 - 07:38

Hi. I am currently running a whole mix of clients with regards to WPA security. I have most of the laptops on their respective ccx supplicant / utility. However I do have users that run the WZC service from XP. I am not at SP3, but rather SP2 for most of the machines. I'm using PEAP (MSCHAPv2) and it works well in the SP2 environment. I did notice some issues running WZC on Vista with the new Intel N cards and early release drivers, but I didn't get a chance to try the updated versions to see if it would solve the problem. I'm running the Funk OAS radius server and the Microsoft IAS service. The problem with XP and WZC is the lack of EAP types supported. I lucked out because PEAP MSCHAPv2 is natively supported. I'm 99.9 percent positive that WZC under XP does not support LEAP and EAP-FAST since they are Cisco. So, unfortunately in order to get those clients going with WPA Enterprise security you're going to have to install the client card utility or have them run a different EAP type config.

craig.eyre Thu, 12/18/2008 - 08:32

Thanks for your reply,

I assume that you're running active directory? MSChapv2 isn't supported by open ldap so I'm stuck on that part. Thanks for the info which will help me in my testing.



This Discussion



Trending Topics: Other Wireless Mobility

client could not be authenticated
Network Analysis Module (NAM) Products
Cisco 6500 nam
reason 440 driver failure
Cisco password cracker
Cisco Wireless mode