I'm building a small lab as a test for a large wireless deployement.We need to implement eap fast with manual PAC provisionning.
It works fine with internal ACS users for both manual & anonymous inbound but only with anonymous inbound if I use ACS and AD domain , the manual PAC in this case fail(got invalid username errors on the client even if it's the user login and pass are correct in the AD)
I'm using ACS 4.2,WLC 4400, Intel pro as a wireless client .
"manual PAC provisioning" and "large wireless deployment" are incompatible requirements, in my book. Putting a certificate on a couple of ACS servers for secure automatic provisioning is much more efficient than hand-provisioning hundreds or thousands of clients.