Forum

Hello!
I'm building wireless with EAP authentication. It seams that connection between access-point and ACS works fine, but I cannot authenticate with external database such as LDAP or Token Server. ACS only authenticates when I add user in Ciscosecure database. When I try to authenticate with external database user I receive note that "Auth type not supported by External DB".
Does anyone know sollution for this kind of problem ?

Thanks a lot,


Tom

http://www.cisco.com/univercd/cc/td/doc/product/access/acs_soft/csacsapp/user/qu.htm

This might help.

Hi!

I've allready done that ;( The problem is that ACS doesn't authenticate EAP with external databases. When I want to authenticate on my VPN Concentrator I can easily authenticate with user from ACS external databases such as LDAP or Token Server. It seams that problem is with EAP and this kind of authentication (access-point >> ACS >> LDAP). Do you know what can be the problem in this kind of situation ?

Thanks for your support,

Tom

Hello!

It seams that I had found sollution for this kind of problem! I was searching problem on ACS server and the problem was in other place, on Windows machines.

Sollution:
The native Windows PEAP client doesn't support LDAP, because it uses MSCHAP V2.
PEAP-GTC is required for LDAP compatibility.
Cisco Aironet Client Utility (ACU) offers PEAP-GTC and is downloadable from Cisco's homepage.

Tom

Hi Tom,

Just to share with you, I got the same problem to authenticate my user from ACS Version 3.3 but mine is against Microsoft Active Directory database. The same error message I got during authentication. My question is 'where is the configuration change I need to do", is it inside the Microsoft AD server or my Cisco ACS server. For your case, where did you make the change that solve your LDAP problem.