Buy or Renew
Buy or Renew
Cisco Virtual Engineer generative AI bot now active in Wireless Discussion Forum. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
581
Views
0
Helpful
7
Replies

PEAP: ACS3.2 and MS XP driver

lunestadr
Level 1
Level 1

‎12-05-2003 08:37 AM - edited ‎07-04-2021 09:12 AM

Hi,

I realize that this has been discussed before, but I am still confused after reading through the forum.

My scenario is as follows:

Cisco AP1230

Cisco ACS 3.2

Laptops with built-in 802.11b cards(non-cisco)

I want to use the windows XP driver with PEAP (MS PEAP), and not install some LEAP supplicant. I have integrated the ACS with the Win2000 AD and a RSA SecurID.

I would imagine that this is a fairly common scenario now as most laptops come with built-in 802.11 cards. I can't find any complete docs that describes how to set this up - only bits and pieces here and there.

Please, can somebody or Cisco moderator enlighten me on this ?

I would belive many people will agree with me that this should be a priority to get a sample config of this to:

http://www.cisco.com/pcgi-bin/Support/browse/psp_view.pl?p=Technologies:Wireless_LAN_General&s=Implementation_and_Configuration#Samples_and_Tips

best regards rolf

Labels:
0 Helpful
7 Replies 7

mmelbourne
Level 5
Level 5

‎12-10-2003 05:16 AM

I agree entirely. I too would like to do exactly the same, but as you say, documentation is patchy. In addition, I'd like to know whether the MS PEAP supplicant requires a second 'PEAP' login, in addition to the user's domain logon, as ideally, I'd prefer it to be transparent, as in our current LEAP implementation. Do the cards themselves need to support PEAP in any way, or will any card would providing the underlying OS supports PEAP?

0 Helpful

marcbutler
Level 1
Level 1

‎01-13-2004 01:56 AM

Well, Rolf. This is a brief synopsis.

Win XP must be SP1.

You have to install the PEAP supplicant that comes with the Aironet ACU install utility, but you do not have to install the ACU in full.

IN your connection properties, you have to check 802.1x authentication and you need to check Authenticate as Computer. Then choose properites from the same page and check "Validate Server Certificate" and choose your CA from the drop down.

As for the server side of things, if you need more help, post again

0 Helpful

a_mayat
Level 1
Level 1
In response to marcbutler

‎01-21-2004 06:40 AM

I dont think it is possible (from a lisencing perspective) to install the Cisco PEAP supplicant to work with non Cisco cards as you suggest above.

I have been trying to get this working, but have come across many problems.

0 Helpful

e.ngo
Level 1
Level 1
In response to lunestadr

‎01-20-2004 04:38 PM

I tried to configure PEAP with Cisco supplicant but the ACU v6.2 firmware kept rebooting the XP SP1 laptop. I had to revert to ACU v6.1 firmware. Does anyone have the same problem?

0 Helpful

kkudlacek
Level 1
Level 1

‎02-19-2004 06:33 AM

Any progress on this? I'm trying to do something very similar, sans Win 2000AD (we are using and RSA server local database).

Documentation is very fragmented from RSA and Cisco and seems to be out-of-date. This is a complicated setup!

-Kale

kale@ieee.org

0 Helpful

steve.deal
Level 1
Level 1
In response to kkudlacek

‎02-19-2004 07:01 AM

I can get PEAP working with non-cisco cards no problem. The problem is with my cisco 352 cards I can get PEAP working with the XP client. If I install the Cisco supplicant it will still work but, as soon as you use ACU 6.2 the computer can no longer authenticate.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card