WLC Single sing on with out PEAP

Unanswered Question
Aug 3rd, 2009
User Badges:

I have

ACS (4.2)1113 series

2003 AD server and 4402 WLC

is there any way to integrate all this for single sign on process by adding computer on the ADgroup(wireless) . Note i don't have any certificate server and don't want to use any certificate in the network.

Help me out. need ur prompt reply

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
dancampb Mon, 08/03/2009 - 05:46
User Badges:
  • Cisco Employee,

You could use LEAP or EAP-FAST for the user authentication. Just point the ACS server to look to AD for the username/password validation. There isn't a machine authentication option with these EAP methods but they also don't need certs.

pandapritam Mon, 08/03/2009 - 05:53
User Badges:

I need machine authentication option. can i use peap without the certificate.


i want the users which are in wireless group in AD only access the wireless (this AD group inturn mapped with the ACS group)

Robert.N.Barrett_2 Mon, 08/03/2009 - 07:18
User Badges:
  • Bronze, 100 points or more

If your clients are running Windows with Wireless Zero Config, then you have the option in the PEAP settings to disable the server certificate check. With that check disabled, then the only thing the client needs is a user id and password (to check against AD).

The Intel ProSET client also allows you to disable the server certificate check. I do not know about other clients.


This Discussion



Trending Topics - Security & Network