CiscoSecure 3.3 Problem

Cisco4Life
Level 1

I am trying to set up 802.1x via the CiscoSecure 3.3 Trial for Windows. I have installed the application properly, configured the clients, and configured my switch for authentication. When I go to install the certificate by following the instructions from Cisco and turn on EAP-MSCHAPv2, I get the following error.

"Failed to initialize PEAP or EAP-TLS authentication protocol because ACS certificate is not installed." I don't understand this error because I have installed the certificate correctly according to the documentation.

Any help is appreciated.

Frank

7 Replies

owillins
Level 6

EAP-TLS requires support from both the end client and the AAA client.

tom.paul
Level 1

Generate your certificate with cn=hostname or better cn=hostname with FQDN.

ecarrasquillo
Level 1

Frank,

In order for the 802.1x authentication using EAP-MSCHAPv2 to occur, you need to install a certificate from the system configuration menu. Be aware that you will need a certificate server when you generate the CSR.

marcbutler
Level 1

Hi Frank

Well, I am having the very same error come up and am having the same sort of problems fixing it (even though I am deploying NAC as opposed to .1x auth).

I notice that none of the above comments were very helpful. If I find the answer, then I will make sure that I post it here for you.

However, I hope you have already found a solution.

Rgds

Marc

Marc-

I did get the solution. The problem was I was trying to install the certificate from my subordinate CA server. I had to install it from the Root CA server. If you need some help let me know, as I am about to plan for NAC deployment as well.

Frank

Hi Frank

Any help would be much appreciated. I am pretty sure that I am installing from my Root CA (having just installed the CA part on the server) although now coming to think of it, that server is not in my domain. Could that be the issue? I know that the CA does not need to be a DC, but can be one, but I have never really thought whether it makes a difference if it is a member of the domain or not!

Yes, any help would be much appreciated, Frank.

marcbutler
Level 1

Hi Frank

Yes, if you could outline what helped you, that would be great!! I have now realised that my CA is indeed a root CA and that it definitely was/is part of the domain (but not a DC, but that should not be an issue).

Anything that you could suggest would be much appreciated, as I am banging my head against a brick wall with this one.

Rgds

Marc