Hi, I have a new CISCO AIRONET 1260

I have CISCO ACS 5.1 radius for VPN on ASA and tried to configure an NDG on it for AIRONET 1260 too and worked fine with IEEE 802.1x CISCO EAP-FAST authentication

As I had some trouble to let users to authenticate only on VPN if are VPN users and only on CISCO AIRONET if need only WIFI AIRONET

I tried exception policies rules but something not working. VPN was ok but not WIFI access denied for rule policy access

I decided to install CISCO ACS 4.x on Windows 2003 that is on ACS 5 DVD

I created NDG as done on ACS 5 put a shared secret , put on AIRONET too as done for ACS 5 but I receive an error against ACS 4.x

To troubleshout it I tried

http://www.cisco.com/en/US/partner/tech/tk722/tk720/technologies_configuration_example09186a00807bf3c8.shtml

but not work ! I think to have done all fine owever on ACS 5 it worked in 5 minutes

I searched log inside ACS 4 and found "Invalid message authenticator in EAP request" and I found this:

https://supportforums.cisco.com/docs/DOC-3991

Changed shared secret more times but ever not workign with ACS 4

what's wrong?

I need to have user and password prompt on client trying to authentincate on AIRONET WIFI and I need ACS INTERNAL USER no active directory, no LDAP , no external user database