Solved

setting up RBAC and Radius with Cisco WLC...

Posted on 2011-09-14
4
969 Views
Last Modified: 2012-06-21
There are documents out there with Cisco for setting up the Wireless LAN controller with Radius, but I was wondering if anyone can tell me if what I'm thinking about is the right solution for this...

We have a few SSID's being sent out by the WLC and I'm wondering how it would be possible to have just one or two SSID's and then have something like Role Based Access control so that they could be sent to the proper VLAN once they've logged in. Also, with a guest network how can something like this be used so that you don't have to use MAC filtering to get everyone's credentials. Do you just have the RADIUS with something like Open authentication so they just put in their user name and it will attache the MAC, etc.?

Any docs or guidance on this would be great.
0
Comment
Question by:willlandymore
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
4 Comments
 
LVL 26

Expert Comment

by:Soulja
ID: 36542820
What you are talking about is some type of 802.1x setup with Radius. You could use the Radius local database or an external database such as Active Directory to authenticate users. The radius would be responsible to assigning the vlan dynamically.

Here is a link about 802.1x implementation:

http://www.cisco.com/en/US/tech/tk722/tk809/technologies_configuration_example09186a008076317c.shtml



0
 
LVL 1

Author Comment

by:willlandymore
ID: 36545402
that's exactly what I'm talking about. :)

I just need to find documents about setting this up with NPS on Windows. All of Cisco's docs assume you're using their Cisco ACS. However, I'm using a 2008 server for this instead.

I've setup Network Policy Service on Windows but I'm just foggy on the part where you can get the AP/Controller linked so that when the client connects it will pass that information on to RADIUS, or better still, Active Directory and then back again.
0
 
LVL 26

Accepted Solution

by:
Soulja earned 500 total points
ID: 36545537
0
 
LVL 1

Author Comment

by:willlandymore
ID: 36545758
thanks for the docs...
0

Featured Post

Are You Headed to Black Hat USA 2017?

Getting ready for Black Hat next week? Kick things off with the WatchGuard Badge Challenge and test your puzzle and cipher skills. Do you have what it takes to earn our limited edition Firebox Badge? Get started today - https://crimsonthorn.net

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Microservice architecture adoption brings many advantages, but can add intricacy. Selecting the right orchestration tool is most important for business specific needs.
In the modern office, employees tend to move around the workplace a lot more freely. Conferences, collaborative groups, flexible seating and working from home require a new level of mobility. Technology has not only changed the behavior and the expe…
This Micro Tutorial will show you how to maximize your wireless card to its maximum capability. This will be demonstrated using Intel(R) Centrino(R) Wireless-N 2230 wireless card on Windows 8 operating system.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

628 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question