dell laptop with windows xp sp2 with peap auth (using win control of wlan card)
I experience problem with missing machine authentication even though I have enabled this in acs (Enable PEAP machine authentication). The regkey on the pc's are standard windows (HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\EAPOL\Parameters\General\Global with no value set = 0)
I did have Cisco Airespace - not Cisco Aironet defined as aaa client in ACS for the wlc. Have now changed to Cisco Aironet and will check. What is the Airespace setting is supposed to be used for if not wlc?
Found this as a reference:
EAP Authentication with WLAN Controllers (WLC) Configuration Example:
"Define the controller as an AAA client on the ACS server. Click Network Configuration from the ACS GUI.
When the Network Configuration page appears define the name of the WLC, IP address, shared secret and authentication method (RADIUS Cisco Aironet or RADIUS Cisco IOS/PIX). Refer to the documentation from the manufacturer for other non-ACS authentication servers. "
still have problem with machine authentication that stops working after 3-4days. I narrowed this down to the Cisco ACS, as the only way to resolve this is to reboot the win2003 server running Cisco ACS. I did put en error in my first post, it's not the wlc log that reports this:
Is your ACS server a member server in the AD? Did your AD domain controller rebooted recently? In ACS 4.0, I found that once the DC rebooted, the exactly happened with machine authentication. I have to reboot the ACS and the problem fixed. I opened a case with TAC and I was told it is a bug and will be fixed in ACS 4.1. I haven't upgrade ACS to 4.1.