https://community.cisco.com/t5/network-access-control/wireless-authenticate-with-novell-ldap-through-acs-5-2/m-p/1740772#M265051 <P>Dear all,<BR />I'd like to configure wireless access from winXP to authenticate with our corporate Novell LDAP through ACS</P><P>Setup:</P><P>WinXP SP3 --&gt; WLC 4402 --&gt; ACS 5.2 --&gt; Novell LDAP</P><P></P><P>1. Our Novell LDAP server uses secure LDAP (port 636) to authentication user.<BR />On ACS 5.2, when we configure this option we need to select Root CA. Should the Root CA in ACS must be the same as the LDAP server's? (the </P><P>LDAP's certificate issuer)</P><P></P><P>2. What kind of authentication that this setup supports? Does it support PEAP/MSCHAPv2 as in Windows Zero Configuration or </P><P>it only supports PEAP-GTC, EAP-FAST, EAP-TLS (which means I have to use Intel Proset/Wireless software to configure).</P><P></P><P>Thanks for your help.</P> Mon, 11 Mar 2019 01:16:37 GMT Lam Hung Chung 2019-03-11T01:16:37Z https://community.cisco.com/t5/network-access-control/wireless-authenticate-with-novell-ldap-through-acs-5-2/m-p/1740772#M265051 <P>Dear all,<BR />I'd like to configure wireless access from winXP to authenticate with our corporate Novell LDAP through ACS</P><P>Setup:</P><P>WinXP SP3 --&gt; WLC 4402 --&gt; ACS 5.2 --&gt; Novell LDAP</P><P></P><P>1. Our Novell LDAP server uses secure LDAP (port 636) to authentication user.<BR />On ACS 5.2, when we configure this option we need to select Root CA. Should the Root CA in ACS must be the same as the LDAP server's? (the </P><P>LDAP's certificate issuer)</P><P></P><P>2. What kind of authentication that this setup supports? Does it support PEAP/MSCHAPv2 as in Windows Zero Configuration or </P><P>it only supports PEAP-GTC, EAP-FAST, EAP-TLS (which means I have to use Intel Proset/Wireless software to configure).</P><P></P><P>Thanks for your help.</P> Mon, 11 Mar 2019 01:16:37 GMT https://community.cisco.com/t5/network-access-control/wireless-authenticate-with-novell-ldap-through-acs-5-2/m-p/1740772#M265051 Lam Hung Chung 2019-03-11T01:16:37Z https://community.cisco.com/t5/network-access-control/wireless-authenticate-with-novell-ldap-through-acs-5-2/m-p/1740773#M265063 <HTML><HEAD></HEAD><BODY><P>For your question 2, the config guide states that for LDAP databases only returning clear text password (and I think it's the case for Novell but wouldn't bet my life on it), you have to use TLS or GTC methods, not mschapv2.</P><P></P><P>For question 1, you need the ACS to have the LDAP server issuing CA cert in the trusted list and select it in the LDAP config as root CA.</P></BODY></HTML> Thu, 04 Aug 2011 06:57:27 GMT https://community.cisco.com/t5/network-access-control/wireless-authenticate-with-novell-ldap-through-acs-5-2/m-p/1740773#M265063 Nicolas Darchis 2011-08-04T06:57:27Z https://community.cisco.com/t5/network-access-control/wireless-authenticate-with-novell-ldap-through-acs-5-2/m-p/1740774#M265075 <HTML><HEAD></HEAD><BODY><P>Hi Nicolas,</P><P>Thank you very much for your help. I've been able to make it work.</P><P>Just confirm:</P><P>1. Root CA = LDAP server's RootCA</P><P>2. PEAP-GTC</P></BODY></HTML> Wed, 10 Aug 2011 12:38:48 GMT https://community.cisco.com/t5/network-access-control/wireless-authenticate-with-novell-ldap-through-acs-5-2/m-p/1740774#M265075 Lam Hung Chung 2011-08-10T12:38:48Z