Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
Users might experience few discrepancies in Search results. We are working on this on our side. We apologize for the inconvenience it may have caused.
New Member

PEAP authentication problems..... HELP

I have AP 1200's, ACS 3.1 and XP machines (all with SP1 or better) The laptop that I use, has a Cisco Aironet card (350) and works just fine. I can authenticate with NDS using LEAP or PEAP.

However, the new IBM machines using internal "high rate wireless LAN" cards aren't playing well with my network. I'm setting them up for our library, and none will pass authentication. They always fail.

I have imported a Thawte certificate into our ACS server. Can anyone please give me some advice?

Cisco Employee

Re: PEAP authentication problems..... HELP

These "high rate" cards what standard are they ? 802.11a b or g ??

If they are 802.11a then you need a 802.11a radio installed in your AP1200 and it is configured as a seperate radio so you will need to also configure it in a similar way you have already for your 802.11b radio

If the cards are 802.11g then you need to makesure they are set to 11Mbps and are in compatable with 802.11b mode (should be by default but not all are) You then need to make sure these cards support 802.1x

If they are then run the EAP debugs on the AP to see what is happening

New Member

Re: PEAP authentication problems..... HELP


Any luck? We have the same kind of issue when using IBM laptops with external/internal cisco client adapters -a/b/g. Any other make Laptops works fine.The 1200 Series APs are properly configured but we are using PEAP with Radius.Any advice? Thanks in advance.



Re: PEAP authentication problems..... HELP

It may be that the laptops need Microsoft XP Service Pack 2.

I have some users with internal NICs (built-in / Centrino or similar) that wouldn't even pass with WPA-PSK (these were HP/Compaq). I checked the manufacturer web site and they specifically say that SP2 is needed for WPA.

I tested it with similar NICs in my own laptop. They wouldn't pass on SP1, and they hooked right up with SP2, even using the NIC vendor's application.

...and, for those that may not be aware, SP2 loads a new MS firewall and defaults it to "everything shutdown." Read about it and the other "features" on the MS site before loading SP2 so you'll know where to start chasing the problems. For the firewall, you can shut it down using a new icon in the control panel.



Re: PEAP authentication problems..... HELP

Hi, I have had similar issues before. I don´t remember the vendor, but in my case a software update on the AP did the trick for me.

regards. Kristjan CCNP

New Member

Re: PEAP authentication problems..... HELP

PEAP will fail if the client is checking for a server cert and your ACS server doesn't have one.

CreatePlease to create content