Solved

Cisco Wireless Controller 802.1x authentication

Posted on 2013-11-08
1
708 Views
Last Modified: 2013-12-06
Hello,

We are looking at options for authenticating multiple platforms (Win, MAC, iOS, Android) on our Wireless network in the most seemless/transparent way.  

Our network consists of:

5508 Wireless controllers
Cisco PRIME
Cisco ACS for RADIUS.

Ideally we would like to be able to connect the wireless network and have a SSO with our AD credentials be used.  If its a mobile device, than a username/password prompt be offered that is tied into AD.  Hopefull we won't have to install a certificate on every machine but if its possible, it'll be good to know.

Any advice would be appreciated, thanks.
0
Comment
Question by:L8C
1 Comment
 
LVL 45

Accepted Solution

by:
Craig Beck earned 500 total points
ID: 39635808
You'll need to use PEAP-MSChapV2 to authenticate mobile devices if you want to tie it in to AD.  This can be done without device certificates, but it does mean the AD login can be used on ANY device in the world that supports PEAP.

If you've not already purchased ACS I'd strongly suggest going with ISE instead.  That will give you a lot more granularity and control in terms of mobile authentication and network management.

I would deploy certificates to domain-joined devices though.  It's easy to do this with autoenrolment via GPO and will ensure a strong level of security if you decide to offer domain machines more network access than mobile devices, for example.
0

Featured Post

DevOps Toolchain Recommendations

Read this Gartner Research Note and discover how your IT organization can automate and optimize DevOps processes using a toolchain architecture.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.
For many of us, the  holiday season kindles the natural urge to give back to our friends, family members and communities. While it's easy for friends to notice the impact of such deeds, understanding the contributions of businesses and enterprises i…
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

813 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now