Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

acs & 802.1x & external db (odbc)

Hello

I'm evaluating 802.1x authentication per eap-tls with ACS-Server (4.0). The authentication have to be done with an external odbc database (- we cannot use AD/windows database for this project). The certs on the server and on the client are ok. The SQL-Server returns OK. BUT: the authentication fails with "certificate name or binary comparison failed". In the auth.log file there are entries like:

AUTH 01/09/2007 14:40:05 I 1554 3440 pvAuthenticateUser: authenticate 'host/pcqj1c.sitest.net' against ODBCACS

AUTH 01/09/2007 14:40:05 I 0376 3440 External DB [ODBCAuthDll.dll]: FindUser start for user [host/pcqj1c.sitest.net]

AUTH 01/09/2007 14:40:05 I 0376 3440 External DB [ODBCAuthDll.dll]: Authentication OK for user [host/pcqj1c.sitest.net]

...

AUTH 01/09/2007 14:40:06 I 0897 3440 AuthenProcessResponse: process response for 'host/pcqj1c.sitest.net'

AUTH 01/09/2007 14:40:06 E 0361 3440 EAP: TLS: No match between name in certificate and user account

The CN in the clients cert is "pcqj1c.sitest.net"

Can anybody help ?

regards

Roland

198
Views
0
Helpful
0
Replies