Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

ACS doesn't support EAP-MD5 with Windows AD Database

Hi,

I would like to know the reason why ACS cannot support EAP-MD5 with Windows AD Database? I plan to implement 802.1x on Wired and choose EAP-MD5 as the EAP protocol.

I understand that IAS can be used to implement EAP-MD5 with Windows AD database provided the user account password stored as Reversable Encryption Password in the Domain Settings.

Why cant I do the same with ACS?

Thank you.

Delon

2 REPLIES
Bronze

Re: ACS doesn't support EAP-MD5 with Windows AD Database

EAP-MD5 is the lease secure protocol. Industry support for EAP-MD5 is almost very minimal. It is used in combination with other EAP techniques.

Re: ACS doesn't support EAP-MD5 with Windows AD Database

This is the reason,

http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_server_for_windows/4.1/user/Overvw.html#wp858207

ACS is not designed to work in that way. And yes, it is the least favored, or now-a-days I guess no one uses EAP-MD5. Go for PEAP.

Regards,

Prem

309
Views
0
Helpful
2
Replies