https://community.cisco.com/t5/network-access-control/non-active-directory-ldap-user-authentication-with-acs-5-3/m-p/2237177#M110014 <P>Has anyone gotten any non-AD LDAP authentication to work with Secure ACS 5.3 or 5.4?</P><P></P><P>Specifically, I'm trying to authenticate user access to our secure wireless network, controlled by a pair of 5508 controllers.</P><P></P><P>I can get it to work if the laptop has support for Cisco's flavor of PEAP, but not for Microsoft's version of PEAP.</P> Mon, 11 Mar 2019 03:31:25 GMT GRANT GATHAGAN 2019-03-11T03:31:25Z https://community.cisco.com/t5/network-access-control/non-active-directory-ldap-user-authentication-with-acs-5-3/m-p/2237177#M110014 <P>Has anyone gotten any non-AD LDAP authentication to work with Secure ACS 5.3 or 5.4?</P><P></P><P>Specifically, I'm trying to authenticate user access to our secure wireless network, controlled by a pair of 5508 controllers.</P><P></P><P>I can get it to work if the laptop has support for Cisco's flavor of PEAP, but not for Microsoft's version of PEAP.</P> Mon, 11 Mar 2019 03:31:25 GMT https://community.cisco.com/t5/network-access-control/non-active-directory-ldap-user-authentication-with-acs-5-3/m-p/2237177#M110014 GRANT GATHAGAN 2019-03-11T03:31:25Z https://community.cisco.com/t5/network-access-control/non-active-directory-ldap-user-authentication-with-acs-5-3/m-p/2237178#M110050 <HTML><HEAD></HEAD><BODY><P>Because ldap as an external database doesn't support peap mschap v2. It's a limitation on a ldap side. The option is to use peap with gtc and I think you are already using it. You will find few more post on this forum with a similar query.</P><P></P><P>here are the authentication protocols/database matrix:</P><P><A class="jive-link-external-small" href="http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_system/5.2/user/guide/eap_pap_phase.html#wp1014889">http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_system/5.2/user/guide/eap_pap_phase.html#wp1014889</A></P><P></P><P>Jatin katyal<BR />*do rate helpful posts*</P><P></P><P><BR />Sent from Cisco Technical Support Android App</P></BODY></HTML> Sat, 08 Jun 2013 07:24:07 GMT https://community.cisco.com/t5/network-access-control/non-active-directory-ldap-user-authentication-with-acs-5-3/m-p/2237178#M110050 Jatin Katyal 2013-06-08T07:24:07Z https://community.cisco.com/t5/network-access-control/non-active-directory-ldap-user-authentication-with-acs-5-3/m-p/2237179#M110075 <HTML><HEAD></HEAD><BODY><P>I could understand that limitation if I was trying to authenticate the WLC's directly against LDAP.</P><P></P><P>I was under the impression, however, that one of the reasons to use ACS was that, with ACS handling the user authentication instead of the WLC, you were allowed a wider range of authentication options, while not requiring more extensive "native" support on the WLC.</P><P></P><P>I guess I should have demanded more expicit confirmation when my provider said, "Yes" when asked if we could leverage our eDirectory's LDAP capabilities for authentication.</P><P></P><P>So then, I guess my next question is:</P><P>Is there any software available from Cisco to provide support for Cisco's EAP-FAST or Cisco PEAP <EM>without </EM>involving VPN capability?</P><P>If you have a laptop that sports a Centrino wireles adapter, the support is already there.</P><P>If you don't, is the Cisco AnyConnect Secure Mobility Client my only option for non-Centrino wireless users?</P></BODY></HTML> Sun, 09 Jun 2013 18:37:03 GMT https://community.cisco.com/t5/network-access-control/non-active-directory-ldap-user-authentication-with-acs-5-3/m-p/2237179#M110075 GRANT GATHAGAN 2013-06-09T18:37:03Z https://community.cisco.com/t5/network-access-control/non-active-directory-ldap-user-authentication-with-acs-5-3/m-p/2237180#M110109 <HTML><HEAD></HEAD><BODY><P> Yes there is one which support cisco PEAP without involving VPN. Please check the below link.</P><P></P><P><A href="http://www.cisco.com/en/US/docs/wireless/technology/peap/technical/reference/PEAP_D.html">http://www.cisco.com/en/US/docs/wireless/technology/peap/technical/reference/PEAP_D.html</A></P></BODY></HTML> Mon, 10 Jun 2013 04:15:09 GMT https://community.cisco.com/t5/network-access-control/non-active-directory-ldap-user-authentication-with-acs-5-3/m-p/2237180#M110109 Ravi Singh 2013-06-10T04:15:09Z