Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

4402 Controller / RADIUS external authentication

We are using a Cisco 4402 Controller, and testing methods of web authentication. We are also testing a Meru controller - so our tests are geared towards the pros / cons of each.

With Meru, we are able to point the web authentiction page to a RADIUS server, and then have the RADIUS server run various types of scripts. One takes any username and password and enters them to a file, then returns a "0" to RADIUS which authenticates the user. Another script authenticates anyone with a certain e-mail suffix, and one shared password. And a 3rd one uses a CGI script to authenticate the username/passwords to our e-mail server.

All of this works great....

But not on the Cisco.

The Cisco controller can only accept a local username/password pair that's on the RADIUS server. Whenever we try a script (any one of them), the login fails completely.

Any thoughts?

Thank you!

1 REPLY
Silver

Re: 4402 Controller / RADIUS external authentication

Most authentication failures result from the user incorrectly entering the credentials when connecting to the NAS. Such failed attempts are logged to the Cisco Secure ACS Failed Attempts report. Entries in this report have a Message-Type of Authen Failed and a failure code set to one of the values given in the below url

http://www.cisco.com/en/US/products/sw/secursw/ps2086/products_white_paper09186a0080092565.shtml#wp476063

142
Views
0
Helpful
1
Replies