12-05-2003 08:37 AM - edited 07-04-2021 09:12 AM
Hi,
I realize that this has been discussed before, but I am still confused after reading through the forum.
My scenario is as follows:
Cisco AP1230
Cisco ACS 3.2
Laptops with built-in 802.11b cards(non-cisco)
I want to use the windows XP driver with PEAP (MS PEAP), and not install some LEAP supplicant. I have integrated the ACS with the Win2000 AD and a RSA SecurID.
I would imagine that this is a fairly common scenario now as most laptops come with built-in 802.11 cards. I can't find any complete docs that describes how to set this up - only bits and pieces here and there.
Please, can somebody or Cisco moderator enlighten me on this ?
I would belive many people will agree with me that this should be a priority to get a sample config of this to:
best regards rolf
12-10-2003 05:16 AM
I agree entirely. I too would like to do exactly the same, but as you say, documentation is patchy. In addition, I'd like to know whether the MS PEAP supplicant requires a second 'PEAP' login, in addition to the user's domain logon, as ideally, I'd prefer it to be transparent, as in our current LEAP implementation. Do the cards themselves need to support PEAP in any way, or will any card would providing the underlying OS supports PEAP?
01-13-2004 01:56 AM
Well, Rolf. This is a brief synopsis.
Win XP must be SP1.
You have to install the PEAP supplicant that comes with the Aironet ACU install utility, but you do not have to install the ACU in full.
IN your connection properties, you have to check 802.1x authentication and you need to check Authenticate as Computer. Then choose properites from the same page and check "Validate Server Certificate" and choose your CA from the drop down.
As for the server side of things, if you need more help, post again
01-21-2004 06:40 AM
I dont think it is possible (from a lisencing perspective) to install the Cisco PEAP supplicant to work with non Cisco cards as you suggest above.
I have been trying to get this working, but have come across many problems.
01-17-2004 07:12 AM
I now found these documents that was very useful info about PEAP and certificates:
rolf
01-20-2004 04:38 PM
I tried to configure PEAP with Cisco supplicant but the ACU v6.2 firmware kept rebooting the XP SP1 laptop. I had to revert to ACU v6.1 firmware. Does anyone have the same problem?
02-19-2004 06:33 AM
Any progress on this? I'm trying to do something very similar, sans Win 2000AD (we are using and RSA server local database).
Documentation is very fragmented from RSA and Cisco and seems to be out-of-date. This is a complicated setup!
-Kale
02-19-2004 07:01 AM
I can get PEAP working with non-cisco cards no problem. The problem is with my cisco 352 cards I can get PEAP working with the XP client. If I install the Cisco supplicant it will still work but, as soon as you use ACU 6.2 the computer can no longer authenticate.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide