Solved

setting up RBAC and Radius with Cisco WLC...

Posted on 2011-09-14
4
920 Views
Last Modified: 2012-06-21
There are documents out there with Cisco for setting up the Wireless LAN controller with Radius, but I was wondering if anyone can tell me if what I'm thinking about is the right solution for this...

We have a few SSID's being sent out by the WLC and I'm wondering how it would be possible to have just one or two SSID's and then have something like Role Based Access control so that they could be sent to the proper VLAN once they've logged in. Also, with a guest network how can something like this be used so that you don't have to use MAC filtering to get everyone's credentials. Do you just have the RADIUS with something like Open authentication so they just put in their user name and it will attache the MAC, etc.?

Any docs or guidance on this would be great.
0
Comment
Question by:willlandymore
  • 2
  • 2
4 Comments
 
LVL 26

Expert Comment

by:Soulja
ID: 36542820
What you are talking about is some type of 802.1x setup with Radius. You could use the Radius local database or an external database such as Active Directory to authenticate users. The radius would be responsible to assigning the vlan dynamically.

Here is a link about 802.1x implementation:

http://www.cisco.com/en/US/tech/tk722/tk809/technologies_configuration_example09186a008076317c.shtml



0
 
LVL 1

Author Comment

by:willlandymore
ID: 36545402
that's exactly what I'm talking about. :)

I just need to find documents about setting this up with NPS on Windows. All of Cisco's docs assume you're using their Cisco ACS. However, I'm using a 2008 server for this instead.

I've setup Network Policy Service on Windows but I'm just foggy on the part where you can get the AP/Controller linked so that when the client connects it will pass that information on to RADIUS, or better still, Active Directory and then back again.
0
 
LVL 26

Accepted Solution

by:
Soulja earned 500 total points
ID: 36545537
0
 
LVL 1

Author Comment

by:willlandymore
ID: 36545758
thanks for the docs...
0

Featured Post

Control application downtime with dependency maps

Visualize the interdependencies between application components better with Applications Manager's automated application discovery and dependency mapping feature. Resolve performance issues faster by quickly isolating problematic components.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Can a Cisco 3702e be configured for wireless G only? 3 43
Droid 4 15 104
gns3 - switchport trunk allow vlan error 4 49
VLANs and isolation / private networks 3 22
In the modern office, employees tend to move around the workplace a lot more freely. Conferences, collaborative groups, flexible seating and working from home require a new level of mobility. Technology has not only changed the behavior and the expe…
DECT technology has become a popular standard for wireless voice communication. DECT devices are not likely to be affected by other electronic devices and signals because they operate in a separate frequency-band.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

910 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

25 Experts available now in Live!

Get 1:1 Help Now