EAP-FAST authentication in WLC with ACS-LDAP

SHIBI V DEV · ‎05-10-2012

Hello,

We are using WLC-5508 in our corporate. For authenication we have implemented ACS with LDAP configured as external user database. We can able to get authenicated for Web based authenication. When it is configured for EAP-FAST, authenitication is not happening.

Could someone suggest on how to proceed...

maldehne · ‎05-13-2012

Correct me If i am wrong

WLC --> ACS --> LDAP

On ACS you have enabled EAP-FAST authentication but with no luck.

Not sure what ACS version you are using for the time being also I am not sure if you are using In band PAC provisioning?

In the following link you will see that LDAP doesn't support Phase zero of EAP FAST ( PAC Provisioning )

http://www.cisco.com/en/US/partner/docs/net_mgmt/cisco_secure_access_control_server_for_windows/4.2/user/guide/Overvw.html#wp824733

SHIBI V DEV · ‎05-14-2012

Hi MALDEHNE,

ACS Version we are using is 4.1. Now we can see LDAP groups in ACS.But when we tried to access from Wireless Clients it is not working.Is there any way to check WLC is communicating to ACS properly?

maldehne · ‎05-14-2012

Hello Shibi

If you check the above link that i have shared with you EAP - FAST phase 0 is not supported when LDAP is the external DB integrated with ACS. If you try with another EAP type such as EAP GTC or EAP TLS it will work for sure.

Regards

---------------------------------------------------------------------------

Please make sure to rate correct answers