Lam Hung Chung
Beginner

Wireless Authenticate with Novell LDAP through ACS 5.2

Dear all,
I'd like to configure wireless access from WinXP to authenticate with our corporate Novell LDAP through ACS.

Setup:

WinXP SP3 --> WLC 4402 --> ACS 5.2 --> Novell LDAP

1. Our Novell LDAP server uses secure LDAP (port 636) to authenticate users.
On ACS 5.2, when we configure this option we need to select a Root CA. Must the Root CA in ACS be the same as the LDAP server's (the LDAP's certificate issuer)?

2. What kind of authentication does this setup support? Does it support PEAP/MSCHAPv2 as in Windows Zero Configuration, or does it only support PEAP-GTC, EAP-FAST, EAP-TLS (which means I have to use Intel PROSet/Wireless software to configure)?

Thanks for your help.

2 REPLIES 2
Nicolas Darchis
Cisco Employee

For your question 2, the config guide states that for LDAP databases only returning clear text passwords (and I think it's the case for Novell but wouldn't bet my life on it), you have to use TLS or GTC methods, not MSCHAPv2.

For question 1, you need the ACS to have the LDAP server's issuing CA cert in the trusted list and select it in the LDAP config as root CA.

Hi Nicolas,

Thank you very much for your help. I've been able to make it work.

Just to confirm:

1. Root CA = LDAP server's RootCA

2. PEAP-GTC
