Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

ACS machine AND user authentication with Mac OS?

Is it possible to authenticate MacBook Pro (OS 10.6.2) domain member client the same way as the microsoft domain member clients listed below (...machine AND user creditional authentication via AD, using pacs, etc.)?

ACS 5.1  - Radius

AD identity store

eap-fast machine AND user creditional authentication, using pacs

XP/Vista/Win7 domain member clients authentication flow works correctly

4 REPLIES
Cisco Employee

Re: ACS machine AND user authentication with Mac OS?

Rod,


ACS supports EAP-TLS, EAP-FAST, PEAP (EAP-MSCHAPv2), and PEAP (EAP-GTC) for machine authentication. You can enable each separately on the Active Directory: General Page, which allows a mix of computers that authenticate with EAP-TLS, EAP-FAST, or PEAP (EAP-MSCHAPv2). Microsoft operating systems that perform machine authentication might limit the user authentication protocol to the same protocol that is used for machine authentication.


I think MAC clients does support machine authentication because I have seen machine authentication on MAC clients with VPN so there must be an option for EAP protocol. Now, If MAC clients send the machine authentication in the same format then yes it will works with windows enviorment.


Machine authentication in ACS 5.1

http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_system/5.1/user/guide/eap_pap_phase.html#wp1014866



EAP-FAST in ACS 5.1
http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_system/5.1/user/guide/eap_pap_phase.html#wp1013804


Regds,

JK


Do rate helpful posts-

~BR Jatin Katyal **Do rate helpful posts**
New Member

Re: ACS machine AND user authentication with Mac OS?

Rod,

Did you ever get this  working? I have the same question and am intrigued to know if the MAC OS will support machine authentication.

I've had a good look around, and there doesn't seem to be much information about...

Thanks.

Nigel.

New Member

Re: ACS machine AND user authentication with Mac OS?

No...never got it working, perhaps some changes to the Active Directory schema would be required.

Rod

New Member

Re: ACS machine AND user authentication with Mac OS?

I am trying to do the same thing.  I would like to use machine authentication using PEAP on a Mac, but I don't see a setting to tell the mac to use machine auth vs user auth.

962
Views
0
Helpful
4
Replies