Solved

setting up RBAC and Radius with Cisco WLC...

Posted on 2011-09-14
4
951 Views
Last Modified: 2012-06-21
There are documents out there with Cisco for setting up the Wireless LAN controller with Radius, but I was wondering if anyone can tell me if what I'm thinking about is the right solution for this...

We have a few SSID's being sent out by the WLC and I'm wondering how it would be possible to have just one or two SSID's and then have something like Role Based Access control so that they could be sent to the proper VLAN once they've logged in. Also, with a guest network how can something like this be used so that you don't have to use MAC filtering to get everyone's credentials. Do you just have the RADIUS with something like Open authentication so they just put in their user name and it will attache the MAC, etc.?

Any docs or guidance on this would be great.
0
Comment
Question by:willlandymore
  • 2
  • 2
4 Comments
 
LVL 26

Expert Comment

by:Soulja
ID: 36542820
What you are talking about is some type of 802.1x setup with Radius. You could use the Radius local database or an external database such as Active Directory to authenticate users. The radius would be responsible to assigning the vlan dynamically.

Here is a link about 802.1x implementation:

http://www.cisco.com/en/US/tech/tk722/tk809/technologies_configuration_example09186a008076317c.shtml



0
 
LVL 1

Author Comment

by:willlandymore
ID: 36545402
that's exactly what I'm talking about. :)

I just need to find documents about setting this up with NPS on Windows. All of Cisco's docs assume you're using their Cisco ACS. However, I'm using a 2008 server for this instead.

I've setup Network Policy Service on Windows but I'm just foggy on the part where you can get the AP/Controller linked so that when the client connects it will pass that information on to RADIUS, or better still, Active Directory and then back again.
0
 
LVL 26

Accepted Solution

by:
Soulja earned 500 total points
ID: 36545537
0
 
LVL 1

Author Comment

by:willlandymore
ID: 36545758
thanks for the docs...
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this article we have discussed about the OS X EI Capitan and how to fix Wi-Fi issue in OS X El Capitan. We have explained how to delete system level preferences and create a new Wi-Fi location to resolve Wi-Fi issue.
DECT technology has become a popular standard for wireless voice communication. DECT devices are not likely to be affected by other electronic devices and signals because they operate in a separate frequency-band.
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

685 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question