Hello all:

I hope that I am posting on the correct forum.

We currently have a Cisco ACS 3.3 which we have configured to use
eDirectory as an external LDAP directory. We are currently able to set
up access to our routers and switches via TACACs and successfully
authenticate via user names and passwords stored in eDirectory, so we
know that the LDAP access is working. eDirectory version is OS
is Netware 6.5 sp 3.

We are now embarking on setting up wireless authentication utilizing
the AEGIS client from Meetinghouse as our supplicant. We have been
successful in authenticating to our test wireless AP (Cisco 1200) with
a user setup in an access group on the ACS using the ACS as a RADIUS
server. We are authenticating via LEAP. However, we have not been able
to authenticate using eDirectory usernames and passwords. Upon
reviewing various posts I have seen info about adding RADIUS attributes
to eDirectory to use the FreeRADIUS server. Is this necessary with the
ACS device? Do we need to change our protocol to EAP-TTLS as is
suggested in other posts or do we need to set up simple passwords? What
security considerations do we want to take into account?

If anyone has successfully implemented this configuration, please feel
free to contact me directly. We want to leverage eDirectory and our
client's experience with this platform to make wireless security as
seemless and secure as possible. This is a school district and we want
to be able to limit our user access via login names that they enter on
any machine in the district rather than via machine certificates. That
way if we want to deny a student access for disciplinary reasons, we
can implement it very easily.

I would greatly appreciate any assistance that can be provided!!!!!!

Donna Moyer