12-13-2002 12:26 PM - edited 07-04-2021 08:24 AM
Has anyone successfully implemented a PEAP wireless solution? I have PAEP authentication working with a client using Cisco ACS 3.1 and authenticating with OTP (SecureID). Everything works great, except that when the user logins into windows 2000 the first time after booting up the pc, they are logging in with a cached account. This is due to the fact that the cisco interface in which you enter your username and passcode does not appear untill after logging into windows. Is there a way to authenticate the wireless network conneciton before logging into the windows domain?
12-19-2002 12:46 AM
Hi,
I am very sorry to say that you are in a problem.
I was at the same situation in aproject i had, and I was forced to change the equipment to one that work with EAP standart, 802.1x. as you know, cisco aironet works with PEAP/ LEAP, which are not fully compatible.
sorry...
12-26-2002 12:35 PM
We ended up going with authentication through Microsoft IAS with the client-side peap support supplied by the Microsoft XP and 2000 supplicants. There were a few issues with password exiprations that required a MS pre-SP4 hotfix and we may have found a bug in the 12-series code for APs that may be throwing bad RADIUS packets at IAS after a password change... 11.56 code appears to work beautifully though. The client PC logs in as a computer before the user's login occurs...
01-28-2003 12:45 PM
I am also having the same issues with PEAP not authenticating prior to domain authentication. LEAP works correctly but I told I need the added security of the SSL tunnel (the EAP-TLS part of PEAP). If PEAP authentication cannot occur before domain authentication, it there a way to make it authenticate imidiately afterwards. It seems the client sits associated to the AP and never tries to authenticate till traffic is passed. This presents a bad user expirence.
I am running a AP1100 with Aironet 350 PCMCIA cards, and Secure ACS as the authentication server.
Thanks
CS
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide