PEAPv1(EAP-GTC) config with Cisco ACS
j at w1.fi
Thu Mar 5 02:09:17 EST 2009
On Thu, Mar 05, 2009 at 09:49:59AM +1100, Ben Carbery wrote:
> I am trying to get wpa_supplicant going with this setup:
> Linux Laptop (Thinkpad with iwl4965agn) -> Aruba AP -> Aruba Wireless
> Controller -> Cisco ACS RADIUS server (terminates EAP)
> It's PEAPv1 as the passwords need to be in clear text, not MSCHAP.
> # guessing about the following..
> phase1="peap_outer_success=0 peaplabel=1"
That's incorrect; just remove the phase1 parameter and authentication
should work fine with ACS. Forcing peaplabel=1 will break key derivation
with most authentication servers, including ACS.
Jouni Malinen PGP id EFC895FA
More information about the HostAP