Something to at least be aware of:
We have the older ACS 1113 running the most recent 4.x version of the
software. This model was EOL'd last August and can't run the 5.x
software which is shipped with the more recent model appliances and
comprises the VM version. 4.x and 5.x take very different approaches.
There is some functionality in 4.x which is not part of 5.x as of yet,
but I believe the newer model can be downgraded to 4.x if 4.x
functionality is required.
Lee H Badman wrote:
Yep- rock solid and reliable. Great logging, easy interface- it just works. I
can be a bit hard to please, but can't really say anything bad about ACS.
-Lee Badman
________________________________________
From: The EDUCAUSE Wireless Issues Constituent Group Listserv
[wireless-...@listserv.educause.edu] On Behalf Of Brzoskowski, Anthony P
[brzos...@uwp.edu]
Sent: Saturday, March 06, 2010 4:23 PM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] PEAP/MSCHAPv2 + Active Directory recommendations
Has anyone had any experience with Cisco ACS? We are looking at deploying this
as our solution tied to AD.
Thanks,
Tony Brzoskowski
IS Network Services Specialist
University of Wisconsin-Parkside
brzos...@uwp.edu<mailto:brzos...@uwp.edu>
262.595.2629
[cid:image001.png@01CABD40.EBFE5230]<http://www.facebook.com/tobrz>
[cid:image002.png@01CABD40.EBFE5230] <http://www.linkedin.com/pub/7/38b/359>
[cid:image003.png@01CABD40.EBFE5230] <http://twitter.com/uwp_cts>
From: The EDUCAUSE Wireless Issues Constituent Group Listserv
[mailto:wireless-...@listserv.educause.edu] On Behalf Of Ryan Holland
Sent: Thursday, March 04, 2010 12:57 PM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: [WIRELESS-LAN] PEAP/MSCHAPv2 + Active Directory recommendations
We currently have an 802.1X environment using PEAP/MSCHAPv2 to Steel-Belted
radius. SBR queries SQL for user credential validation. We are (thankfully)
migrating away from SQL to an Active Directory solution. I have been told by
Juniper that we will be unable to search/query for additional attributes in AD
since we are using MSCHAPv2; I'm told that PAP (clear text passwords) must be
used in order to use the ldap auth to BIND to AD.
Being that we need to be able to query for additional attributes, I am
inquiring what other institutions are doing.
If you are using both PEAP/MSCHAPv2 and Active Directory, I would appreciate
you taking a moment to share how you are set up. Feel free to respond off list
as well.
Many thanks!
==========
Ryan Holland
Network Engineer, Wireless
Office of the Chief Information Officer
The Ohio State University
614-292-9906 holland....@osu.edu<mailto:holland....@osu.edu>
********** Participation and subscription information for this EDUCAUSE
Constituent Group discussion list can be found at
http://www.educause.edu/groups/.
********** Participation and subscription information for this EDUCAUSE
Constituent Group discussion list can be found at
http://www.educause.edu/groups/.
**********
Participation and subscription information for this EDUCAUSE Constituent Group
discussion list can be found at http://www.educause.edu/groups/.
--
Jim Kieley
Chief Technology Officer
Loyola Law School
Email: jim.kie...@lls.edu
Phone: (213) 736-1470
FAX: (213) 380-3769
**********
Participation and subscription information for this EDUCAUSE Constituent Group
discussion list can be found at http://www.educause.edu/groups/.