Buy or Renew
Buy or Renew
Cisco Virtual Engineer generative AI bot now active in Wireless Discussion Forum. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
421
Views
0
Helpful
2
Replies

PEAP with ACS and external LDAP

pambosch
Level 1
Level 1

‎06-09-2003 05:00 AM - edited ‎07-04-2021 08:46 AM

I want to configure PEAP on WIN2000 with the 802.1X patch. I have ACU ver.5.05 and ACS3.1 on windows. My external LDAP stores passwords in clear text format. Am I gonna have any problems since the PEAP uses MS-CHAP V2 and the LDAP uses clear text?

Also, do I need certificate on the wireless client in addition to the server certificate on ACS (like EAP-TLS)?

Also, do I need ACU 6 to use PEAP on WIN2000?

Thanks a lot for any help.

Labels:
0 Helpful
2 Replies 2

Not applicable

‎06-13-2003 06:59 AM

1)PEAP will not work from Win2K SP3 client through Cisco Secure ACS since MS uses PEAP-MSCHAPV2 and Cisco PEAP uses PEAP-GTC. So you might end up in a message like "Invalid message authenticator in EAP request".

But with ACU 5.05 , this is not an issue, I guess. You can see it here:

http://www.cisco.com/univercd/cc/td/doc/product/wireless/airo_350/350cards/windows/cutils_r/cu505.htm#xtocid10

2)PEAP and EAP-TLS are very similar, the only difference is that for PEAP, the "user workstation does not need a certificate" and instead will get prompted for a username and password.

3)PEAP on WIN2k will work well with ACU5.05.

0 Helpful

pambosch
Level 1
Level 1
In response to

‎06-16-2003 09:46 PM

thanks a lot for the info :)

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card