06-09-2003 05:00 AM - edited 07-04-2021 08:46 AM
I want to configure PEAP on WIN2000 with the 802.1X patch. I have ACU ver.5.05 and ACS3.1 on windows. My external LDAP stores passwords in clear text format. Am I gonna have any problems since the PEAP uses MS-CHAP V2 and the LDAP uses clear text?
Also, do I need certificate on the wireless client in addition to the server certificate on ACS (like EAP-TLS)?
Also, do I need ACU 6 to use PEAP on WIN2000?
Thanks a lot for any help.
06-13-2003 06:59 AM
1)PEAP will not work from Win2K SP3 client through Cisco Secure ACS since MS uses PEAP-MSCHAPV2 and Cisco PEAP uses PEAP-GTC. So you might end up in a message like "Invalid message authenticator in EAP request".
But with ACU 5.05 , this is not an issue, I guess. You can see it here:
2)PEAP and EAP-TLS are very similar, the only difference is that for PEAP, the "user workstation does not need a certificate" and instead will get prompted for a username and password.
3)PEAP on WIN2k will work well with ACU5.05.
06-16-2003 09:46 PM
thanks a lot for the info :)
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide