Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

Cisco Wireless Controller 802.1x authentication

Posted on 2013-11-08
1
Medium Priority
?
732 Views
Last Modified: 2013-12-06
Hello,

We are looking at options for authenticating multiple platforms (Win, MAC, iOS, Android) on our Wireless network in the most seemless/transparent way.  

Our network consists of:

5508 Wireless controllers
Cisco PRIME
Cisco ACS for RADIUS.

Ideally we would like to be able to connect the wireless network and have a SSO with our AD credentials be used.  If its a mobile device, than a username/password prompt be offered that is tied into AD.  Hopefull we won't have to install a certificate on every machine but if its possible, it'll be good to know.

Any advice would be appreciated, thanks.
0
Comment
Question by:L8C
1 Comment
 
LVL 47

Accepted Solution

by:
Craig Beck earned 2000 total points
ID: 39635808
You'll need to use PEAP-MSChapV2 to authenticate mobile devices if you want to tie it in to AD.  This can be done without device certificates, but it does mean the AD login can be used on ANY device in the world that supports PEAP.

If you've not already purchased ACS I'd strongly suggest going with ISE instead.  That will give you a lot more granularity and control in terms of mobile authentication and network management.

I would deploy certificates to domain-joined devices though.  It's easy to do this with autoenrolment via GPO and will ensure a strong level of security if you decide to offer domain machines more network access than mobile devices, for example.
0

Featured Post

Get expert help—faster!

Need expert help—fast? Use the Help Bell for personalized assistance getting answers to your important questions.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Originally, this post was published on Monitis Blog, you can check it here . It goes without saying that technology has transformed society and the very nature of how we live, work, and communicate in ways that would’ve been incomprehensible 5 ye…
WARNING:   If you follow the instructions here, you will wipe out your VTP and VLAN configurations.  Make sure you have backed up your switch!!! I recently had some issues with a few low-end Cisco routers (RV325) and I opened a case with Cisco TA…
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…
Monitoring a network: how to monitor network services and why? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the philosophy behind service monitoring and why a handshake validation is critical in network monitoring. Software utilized …

578 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question