Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

Wireless authentication - Allow PEAP, but not LEAP?

Hi,

Consider the following SWAN environment:

Aironet 1200 IOS APs, with a reasonably current version.

Cisco ACS for windows.

Cisco Wireless cards - some as old as 350s.

* LEAP authentication for WDS.

* PEAP authentication for WLAN clients.

where WDS LEAP authentication is performed by ACS for windows and PEAP is also there a way to only allow

2 REPLIES
Silver

Re: Wireless authentication - Allow PEAP, but not LEAP?

Try doing the following.

go to the 'Leap' section under System Configuration > Global Authentication Setup and uncheck the 'Allow LEAP (For Aironet only)' option . By doing this you are denying Leap Authentication happening on the ACS Server.

Also, note that Leap and Peap authentication can only be enabled or disabled globally on the ACS server and group or device specific authentication is not possible.

New Member

Re: Wireless authentication - Allow PEAP, but not LEAP?

I know how to disable it. That is the problem. If I do disable LEAP globally, then LEAP authentication will not work for WDS. Therein lies my problem.

133
Views
0
Helpful
2
Replies
CreatePlease to create content