
smooth 802.1x possible?

Rutger Blom
Level 1

Hello,

I have the following components in my network and would like to build a smooth and transparent 802.1x environment for my clients:

- Cisco ACS 3.2(2) with Generic LDAP external database

- Cisco 2950 switches with latest IOS

- Windows 2000 SP4 on the clients with Novell client

- No Active Directory for clients, but MS CA available

I would like to do 802.1x port authentication on my 2950 switches. I've been testing with both EAP-MD5 and PEAP. I got both methods to work, but not in the way I want to.

1. When the client starts the machine, an initial Novell login is required. At this time the machine needs to be able to connect to the NetWare server. How do I achieve this? Machine authentication?

2. How do I let PEAP use the Generic LDAP ext. database on ACS? In my tests PEAP tries to log in with a username like "HOSTNAME/USERNAME", which is not available in the LDAP database. Creating a local user in the ACS database works with PEAP, but we can't have it like that.

3. We are using PXE-boot in our organisation to push out new images. How does PXE-boot work with an 802.1x enabled switchport? I couldn't get it to work.

Thanks in advance!

Rutger

1 Reply

didyap
Level 6

Here is a link that explains how to set up CiscoSecure ACS to use an LDAP database and work with PEAP. Hope this helps.

http://www.cisco.com/univercd/cc/td/doc/product/access/acs_soft/csacs4nt/acs31/acsuser/d.htm#71778