Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

WCS and Radius Authentication

Hello,

I'm trying to configure WLAN authentication on my WCS to prompt users about their credentials.

I'm using a Windows 2008 NPS as Radius server but I can also use a Cisco ACS 3.3 if needed.

With each setup I tried, the credentials are sent automatically to the Radius server using the Windows user session credentials.

How can I force the WCS to ask for a username and password before sending them to the Radius Server ?

I can send screenshots of my config if needed.

Thank you for your help,
Nicolas

1 ACCEPTED SOLUTION

Accepted Solutions

Re: WCS and Radius Authentication

In the config of the supplicant do you have the box checked to use caged credentials?

Of you do, which is default, windows uses the credentials the client logged into the laptop with. So they wouldn't get a prompt.

Now be careful as windows doesn't do a great job of popping a box to login with. You have to be looking down by the status bar to see the balloon or the antenna icon.

Steve

Sent from Cisco Technical Support iPhone App

HTH, Steve ------------------------------------------------------------------------------------------------ Please remember to rate useful posts, and mark questions as answered
4 REPLIES

Re: WCS and Radius Authentication

What is the WLAN configured for security wise? If you have it set for 892.1x it will prompt the user for credentials or use the cached ones from the machine login.

Steve

Sent from Cisco Technical Support iPhone App

HTH, Steve ------------------------------------------------------------------------------------------------ Please remember to rate useful posts, and mark questions as answered
New Member

WCS and Radius Authentication

I'm already using WPA2 with 802.1x but can't find a way that asked the client about his credentials

Re: WCS and Radius Authentication

In the config of the supplicant do you have the box checked to use caged credentials?

Of you do, which is default, windows uses the credentials the client logged into the laptop with. So they wouldn't get a prompt.

Now be careful as windows doesn't do a great job of popping a box to login with. You have to be looking down by the status bar to see the balloon or the antenna icon.

Steve

Sent from Cisco Technical Support iPhone App

HTH, Steve ------------------------------------------------------------------------------------------------ Please remember to rate useful posts, and mark questions as answered
New Member

WCS and Radius Authentication

Support team will not be able to modify supplicant config. I guess the best way then would be to use web auth on WCS.

I'm not sure it can be used with WPA 2 on the wcs/wlc. I will have to check tomorrow morning when back at work.

I think you are right' Windows default behavior is to send cached credentials.

Thank you for your help.

468
Views
0
Helpful
4
Replies
CreatePlease to create content