Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1066
Views
0
Helpful
2
Replies

Which EAP Method to Use?

mengelm
Level 1
Level 1

‎01-11-2010 07:37 PM - edited ‎03-10-2019 04:53 PM

Hi.

We are looking to implement 802.1x on our Wireless Network.  I need to support Windows XP and above, Apple Macs (maybe iPhones, etc) and some Linux.

I would have liked to have used PEAP with EAP-MSCHAPv2, however I am stuck with ACS 4.2 backended into LDAP (Oracle IDM) and this won't support MSCHAPv2.

We don't really want to spend anything on supplicants, so I'd like to know what method would be best for the spread of clients we have to support.

Thanks

Matthew

Labels:
0 Helpful
2 Replies 2

Jatin Katyal
Cisco Employee
Cisco Employee

‎01-12-2010 06:30 AM


Matthew:

I think you knew the answer, that is why you mentioned that you don't wana spend anything on the client side

Unfortunately, you will need to use EAP-GTC (Generic Token Card) method in order to work with LDAP integrated withradius server.


Cisco PEAP uses EAP-GTC although this only works in wireless environment and Microsoft PEAP uses EAP-MSCHAPv2.


Acs supports both the methods so only option here is to use GTC supplicant on the client side.


In order to enable EAP-GTC, you can use either one of them:

Cisco350card

Cisco ACU utility


HTH


Regards,

JK


Plz rate helpful posts-

~Jatin
0 Helpful

snarayanaraju
Level 4
Level 4
In response to Jatin Katyal

‎01-12-2010 08:23 AM

Hi,

It is working with Intel Proset wireless adapters also

sairam

0 Helpful
Customers Also Viewed These Support Documents