
Cisco ACS 3.3, Novell e-directory & 802.1x

o.oresotu
Level 1

Hi,

Please, can anyone help with documentation on the integration of ACS 3.3 with Novell e-directory for user authentication with 802.1X configuration on the network?

3 Replies

darpotter
Level 5

Hi

The first thing to say is probably don't use the 3.3 external authenticator for Novell because this has gone in 4.0. You need to use the Generic LDAP authenticator instead - this will make future ACS upgrades easier.

The best thing is to get this working for plain PAP authentications first. You can use radtest (in the acs utils directory) to perform test RADIUS authentications.

Once you have the ability to authenticate Novell users via PAP working, the next step is to get 802.1x set up. For this you'll have to use the painfully complicated EAP config pages. Basically you can really only look at PEAP GTC (originally intended for token/one time passwords but works with any clear text password).

Clients... you can't AFAIK use the standard Windows 802.1x client because it only supports PEAP v0 with MSCHAP and LDAP doesn't support MSCHAP.

Therefore you'll need the Cisco 802.1x supplicant (or other that supports PEAP v1 + EAP-GTC).

Apols for this being complicated... but it is! There are a lot of inter-dependencies on supplicant + EAP type + backend database.

Your best hope is for a Cisco TME to give you some help on the fine detail.

Darran

I am facing the same problem. I would like to set up my ACS to authenticate against the Novell database using generic LDAP. Does anyone have good documentation on how to do it? Thanks

o.oresotu
Level 1

Is it advisable to update to version 4 first, and if so, what is the procedure?
