ACS 3.2 local user database w/ Windows XP PEAP working w/ Aironet 1200 PEAP
I have configured Aironet1200 to work on PEAP mode and windows xp client to authentication using PEAP ms-chapv2. And the Windows xp user has been added to the user database of ACS. Then I tried to connect the Windows XP computer to the wireless network but didn't be succeed. (Windows XP has prompted a dialog box for entering username, password and domain name). The ACS fail attempted logged the following two message:
NAS duplicated authentication attempt
External DB account Restriction
And then I tried to add an external user database mapping with Windows NT group, but the User still cannot connect to wireless.
Any idea? Or Where I can ask for the meaning of the error generated by ACS?
3. If you use external database mapping, make sure your ACS already joint your domain. Otherwise, it won't work. But you need to resolve your client auth via local AAA first before enabling this option.
For 'NAS duplicate authentication attempt', I have seen this message, which refers to client authentication attempt via AP that talk to more than 1 AAA/ACS (not sure related to your case).
In your ACS, enable IETF Radius Attribute  login &  Login.
DocumentationCode download linksGoalRequirementLimitationsSupported ISR
and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity
options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in
HA DocumentationCode download linksGoalRequirementLimitationsSupported
ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationCo...
Question I am currently unable to specify "crypto keyring" command when
configuring VPN connection on my cisco 2901 router. The following
licenses have been activated on my router :