08-03-2011 10:24 PM - edited 03-10-2019 06:16 PM
Dear all,
I'd like to configure wireless access from WinXP to authenticate with our corporate Novell LDAP through ACS.
Setup:
WinXP SP3 --> WLC 4402 --> ACS 5.2 --> Novell LDAP
1. Our Novell LDAP server uses secure LDAP (port 636) to authenticate users.
On ACS 5.2, when we configure this option we need to select a Root CA. Must the Root CA in ACS be the same as the LDAP server's (the LDAP certificate's issuer)?
2. What kind of authentication does this setup support? Does it support PEAP/MSCHAPv2 as in Windows Zero Configuration, or does it only support PEAP-GTC, EAP-FAST, EAP-TLS (which means I have to use Intel PROSet/Wireless software to configure)?
Thanks for your help.
08-03-2011 11:57 PM
For your question 2, the config guide states that for LDAP databases that only return a clear-text password (and I think that's the case for Novell, but I wouldn't bet my life on it), you have to use TLS or GTC methods, not MSCHAPv2.
For question 1, you need the ACS to have the LDAP server's issuing CA cert in the trusted list and select it in the LDAP config as root CA.
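The root CA requirement from the answer above, shown with OpenSSL as an added example that is not part of the original thread. It generates a throwaway "LDAP" root, an unrelated root and a server certificate locally (all names and file paths are constructed), then shows that only the issuing root validates the server certificate, which is the root to select in the ACS LDAP configuration.

```shell
#!/bin/sh
# Added example: every CA, key and hostname here is constructed for the demo.

write_ca_conf() {            # minimal config so the root is a proper CA cert
  cat > "$1" <<'EOF'
[req]
distinguished_name = dn
x509_extensions = v3_ca
prompt = no
[dn]
CN = unused
[v3_ca]
basicConstraints = critical,CA:TRUE
keyUsage = critical,keyCertSign,cRLSign
subjectKeyIdentifier = hash
EOF
}

make_ca() {                  # $1 = file prefix, $2 = CA common name
  write_ca_conf "$1.cnf"
  openssl req -x509 -config "$1.cnf" -newkey rsa:2048 -nodes -days 2 \
    -subj "/CN=$2" -keyout "$1.key" -out "$1.pem" 2>/dev/null
}

make_server_cert() {         # $1 = issuing CA prefix, $2 = server prefix, $3 = CN
  openssl req -new -config "$1.cnf" -newkey rsa:2048 -nodes -subj "/CN=$3" \
    -keyout "$2.key" -out "$2.csr" 2>/dev/null &&
  openssl x509 -req -in "$2.csr" -CA "$1.pem" -CAkey "$1.key" \
    -CAcreateserial -days 2 -out "$2.pem" 2>/dev/null
}

chains_to() {                # exit 0 only if cert $2 validates against root $1
  openssl verify -CAfile "$1" "$2" >/dev/null 2>&1
}

issuer_cn() {                # print the issuer common name of cert $1
  openssl x509 -in "$1" -noout -issuer -nameopt multiline |
    sed -n 's/.*commonName *= *//p'
}

work=$(mktemp -d) && cd "$work" || exit 1
make_ca ldap_root "Constructed LDAP Root CA"
make_ca other_root "Constructed Unrelated Root CA"
make_server_cert ldap_root ldapsrv "ldap.example.internal"

echo "LDAP server cert issuer: $(issuer_cn ldapsrv.pem)"
chains_to ldap_root.pem ldapsrv.pem && echo "ldap_root.pem: chain OK (select this root)"
chains_to other_root.pem ldapsrv.pem || echo "other_root.pem: chain fails (LDAPS rejected)"
```

Against a real server, run `issuer_cn` and `chains_to` on the certificate the LDAP server presents on port 636 and on the root CA file you plan to import into ACS.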
08-10-2011 05:38 AM
Hi Nicolas,
Thank you very much for your help. I've been able to make it work.
Just to confirm:
1. Root CA = LDAP server's RootCA
2. PEAP-GTC