Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

PEAP NDS Authentication

1200 AP latest Vx firmware. ACS appliance. Dell Inspiron with 0n-board 802.11b card running windows XP SP1. I can get PEAP to work with the ACS local database but not with NDS. Authentication fails. Anybody else have any problems with NDS External Database? This is my last step to being successfull on this.

On another XP machine I installed the MS patch for PEAP, but the GTC option still does not show up. Do I need to install the Cisco ACU for this to appear?

Thanks

5 REPLIES
Silver

Re: PEAP NDS Authentication

If you are using the PEAP-MSCHAPV2 that comes with windows, you cannot reference NDS. NDS does not understand MSCHAP encryption. Authentication to NDS requires PEAP-GTC.

New Member

Re: PEAP NDS Authentication

There are two versions of PEAP. Cisco's and Microsofts. Microsofts version (comes with XP SP1 and you can download the client for other OS's such as 2000) uses MS-CHAPv2 too authenticate with user databases. MS-CHAPv2 can only be understood by MS user databases such as NT Domains and Active Directory. NDS will not understand. Cisco's version of PEAP can authenticate with any LDAP database such as NDS or Active Directory. But to use Cisco's version you need either a Cisco Aironet Client Adapter or a WIreless adapter with Cisco Compatible Extensions (CCX). You can use both Cisco PEAP and MS PEAP through out your Wireless Network if you have multiple user databases (we have NT Domains, Active Directory Domains, and NDS). But take note, Cisco's PEAP and MS's PEAP are not compatible on the client. If you are using MS PEAP on an XP SP1 client, and you download Cisco's ACU, MS PEAP is no longer used and you must reinstall SP1 to revert back. If you are using Cisco PEAP and install XP SP1 afterwards, you will need to reinstall the ACU client.

New Member

Re: PEAP NDS Authentication

were you able to resolve your issue with PEAP not authenticating with NDS?

New Member

Re: PEAP NDS Authentication

Here is a configuration document we wrote while fighting with EAP methods and LDAP. Configuration uses PEAP (EAP-GTC) for authentication.

http://www.hut.fi/~ejaakola/eapgtc_conf_guide.htm

Configuration uses : Windows XP + SP1 + ACU, Aironet 1200, Cisco ACS 3.2.1 and Novell Edirectory 8.7.

Hopefully this helps. My email can be found from the document, feel free to mail me about any suggestions or problems considering the document.

Esa

New Member

Re: PEAP NDS Authentication

Hi,

may I have the configuration?

I have the same problem,but with ACS 4.1.

Best regards

Stefano

211
Views
0
Helpful
5
Replies
CreatePlease to create content