Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

Cisco LWAPP PEAP username and machine authentication

Hi

I have configured my Cisco wireless network to use Windows AD username and machine authentication. When I use my laptop with a Cisco AIR-CB21AG-E-K9 cardbus adapter I can see in the Cisco ACS 4.1 passed authentication logs that both the machine and my username have authenticated against Windows active directory.

When I login with a laptop with an Intel wireless adapter I can only see the machine hostname authenticating. I am also able to login with a local account on the laptop.

From documentation I believe the Wireless client should provide both machine and username authentication.

There is probably a configuration error on the WLC or ACS.

Any thoughts

Mark

2 REPLIES
Bronze

Re: Cisco LWAPP PEAP username and machine authentication

Check if the Wireless EAP group policy has been configured to allow wireless devices (Laptop) to perform user and machine authentication. Configure the EAP Group policy as "user re-authentication”. This will solve the issue.

Bronze

Re: Cisco LWAPP PEAP username and machine authentication

I have seen the same problem. TAC told me that WLC won't generate two accounting-start for the same user session. So if the WLC generates accounting-start for machine name, it won't gerenate another accounting-start for username.

Zhenning

348
Views
0
Helpful
2
Replies
CreatePlease to create content