Cisco Support Community
Community Member

ACS 3.1, PEAP, & Windows NT4.0 Domain Authentication

I'm trying to setup PEAP authentication of XP users through 1100 access points to an ACS 3.1 Radius server. I know that I can download the client utility for the client side or use MS (suggestions?).

I need an installation guide for the access points and especially for the ACS software installation and what's required to set it up. I attempted going through the installation but it asked for an IP for the ACS software and then the IP of the server itself. Can these be the same IP?

Help is much appreciated,

Mike Goodman

Community Member

Re: ACS 3.1, PEAP, & Windows NT4.0 Domain Authentication

The ACS setup:

The first ip you're referrring to is for the server the ACS software is installed on.

the second is for the Network Access Server. A Network Acess Server, in the context of ACS, is any network device that requires authentication to allow access.

So this includes switches, access points, routers, vpn concentrators - whatever.

For the initial install, you can put in any ip address you want for the NAS. Then, when you have a Radius client (an Access Point) that you want to add, you can do that after you're setup (it's under network configuration).

If you want to read the installation instructions, they walk you through a new installation here:

Creating a Cisco Secure ACS Installation

The Access Point already comes with software installed. Maybe you're referring to the configuration guide? There are different configuration guides, depending upon the model that you're using.

Here's the one for the 1200's:

Cisco Aironet 1200 Series Access Points


Community Member

Re: ACS 3.1, PEAP, & Windows NT4.0 Domain Authentication


I've got ACS 3.1 working (it's using an external NT 4.0 database), my AP 1100 is setup, and my XP laptop with a Cisco 350 card running the ACU(aironet client utility) software. Everything is working great with LEAP. Problem is I want to use any card with XP SP1 and that would require PEAP which I cannot get working. All of the Cisco documentation that I've found and that has been sent to me from my TAC cases cannot tell me how to get PEAP working with XP SP1, a non-Cisco card, and the windows wireless configuration that comes with XP. They all refer to a Cisco card and the ACU. Any suggestions other than opening a call with Microsoft?

Community Member

Re: ACS 3.1, PEAP, & Windows NT4.0 Domain Authentication

Check > knowledge base. Search on PEAP or IAS. They have good documentation there about setting up what you're trying to do.

You're biggest hurdle is going to be getting the certificate garbage set up correctly. This is what drove me nuts.

CreatePlease to create content