
New Member

Layer 2 Authentication 802.x / PEAP

Hello,

I'm looking for a solution for how I can integrate WLC 5508 and IAS 2003 to allow clients to authenticate using their Active Directory username and password.

Please note that;

Appreciate your feedback, please.

Regards,

4 REPLIES
New Member


Hello,
I have followed the steps outlined in this tutorial, http://www.pskl.us/wp/?p=125&cpage=1#comment-14543, but I'm unable to proceed further: whenever I connect the client, it prompts for the username and password, and when I supply the username I get a warning in IAS saying wrong username/password.

I quote from this tutorial: "The first time you connect, you’ll be asked to accept the RADIUS server’s certificate." Does that mean the certificate has to be installed on the client machines in order for them to authenticate and connect to the WiFi network?

Also, on the client machine I can see Event Error 36882 "SChannel", which states that the certificate received from the remote server was issued by an untrusted certificate authority and none of the data contained can be validated. Connection request failed.

In my environment I have WLC 5508 and IAS 2003. Can any help be provided to achieve this?

Thanks,

Hall of Fame Super Silver


"The first time you connect, you’ll be asked to accept the RADIUS server’s certificate."

> This is because you are validating the server certificate or you are specifying the RADIUS server on the client. On iPads and iPhones, you will always have to accept the certificate on the first connection, and this will apply to other devices as well. Not all, but some.

Also, on the client machine I can see Event Error 36882 "SChannel", which states that the certificate received from the remote server was issued by an untrusted certificate authority and none of the data contained can be validated. Connection request failed.

> This is because you are validating the server certificate.

Getting this to work is not easy if it's your first time. You will have to understand PKI and how certificates work so you understand the errors. There are many variables, to be honest, and you can have an issue with the IAS server, its policies, client settings and even a certificate that can't be used for 802.1x. All I can say is that you have to look at more guides on the internet and try to understand how each tries to deploy 802.1x. For now, you can only use PEAP, which is just a cert on the RADIUS side, but you need a valid certificate that can be used for 802.1x.

-Scott
*** Please rate helpful posts ***
Silver


Well, here are a few links

for IAS (Step by step)

https://araihan.wordpress.com/tag/ias-server/

for NPS

http://www.fatdex.net/php/2013/09/23/configuring-nps-on-server-2012-with-cisco-wlc-part-1/

New Member


Hi,

Thanks for your feedback. I will go through the links provided and respond back very shortly.

Regards,