Fyi, from the 4.2 config guide:
The LDAP backend database supports these local EAP methods: EAP-TLS, EAP-FAST/GTC, and PEAPv1/GTC. LEAP, EAP-FAST/MSCHAPv2, and PEAPv0/MSCHAPv2 are also supported but only if the LDAP server is set up to return a clear-text password. For example, Microsoft Active Directory is not supported because it does not return a clear-text password. If the LDAP server cannot be configured to return a clear-text password, LEAP, EAP-FAST/MSCHAPv2, and PEAPv0/MSCHAPv2 are not supported. Thanks, -Kara From: [email protected] [mailto:[email protected]] On Behalf Of Raul Manzano Sent: Sunday, January 09, 2011 6:36 AM To: [email protected] Subject: [CCIE Wireless] Web authentication using LDAP in 4.2 version -Computer certificates Hi guys. Finalizing the preparation for my first attemp to the lab, I found a problem using ldap for the authetication of my guest clients using a webauth method. In fact the problem is I canĀ“t see any attemps to ask to LDAP database from the WLC, and I 'm starting to think whether this authentication method is supported in this software version. The LDAP database is a Windows AD. WLC version 4.2 I applied the following document and although the version used is 5.1 I supposed that really should work. http://www.cisco.com/en/US/products/ps6366/products_configuration_example09186a0080a03e09.shtml Any idea???; this afternoon I hope to capture the output for the WLC "debug aaa all enable" but I advance that shows nothing. About computer certificates; is there any way to issue a computer certificate for a non domain computer through Microsoft CA?; because using the web GUI there is not possibility; the only way is using autoenrollment when the computer belongs to the domain; other posibility (not used yet but tomorrow I will try it) could be using openssl like Cisco explains in this document. http://www.cisco.com/en/US/tech/tk722/tk809/technologies_configuration_example09186a00806e367a.shtml What do you think, guys??? Thanks. Best Regards.
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com
