I want to configure PEAP on WIN2000 with the 802.1X patch. I have ACU ver.5.05 and ACS3.1 on windows. My external LDAP stores passwords in clear text format. Am I gonna have any problems since the PEAP uses MS-CHAP V2 and the LDAP uses clear text?
Also, do I need certificate on the wireless client in addition to the server certificate on ACS (like EAP-TLS)?
1)PEAP will not work from Win2K SP3 client through Cisco Secure ACS since MS uses PEAP-MSCHAPV2 and Cisco PEAP uses PEAP-GTC. So you might end up in a message like "Invalid message authenticator in EAP request".
But with ACU 5.05 , this is not an issue, I guess. You can see it here: