Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Questions about EAP-FAST

I'm looking for some really good documentation on EAP-FAST. I have it running in a small production scenario right now so that I can conduct user trials. Links to good documentation would be appreciated or direct answers if you have them.

My Setup:

3750G switch with built-in controller (v.

4 * 1130AG access points

Cisco Secure ACS v3.3

Cisco PI21AG clients

Intel 4965AGN clients

My Issues:

1) Is there a way to disable the prompt that asks a user if they want to accept the PAC? There is no good reason to select "no".

2) When a user logs onto a machine for the first time the EAP-FAST authentication completes successfully and as soon as the desktop is diplayed, it goes through EAP-FAST authentication again. Subsequent logons by a user are fine. Why is this happening twice for first time users?

3) The answer for this question may explain #2. While checking the logs on my ACS server, "EAP-FAST user was provisioned with new PAC" gets displayed in Failed Attempts for a first time user.

4) Is there a way to do a machine PAC rather than 1 for each user?

5) when I checked my PACs using the Cisco ADU some of them are RED while the rest are GREEN. What does this mean?

Thanks in advance for your help.



Re: Questions about EAP-FAST