Solved

Cisco Wireless Controller 802.1x authentication

Posted on 2013-11-08
1
711 Views
Last Modified: 2013-12-06
Hello,

We are looking at options for authenticating multiple platforms (Win, MAC, iOS, Android) on our Wireless network in the most seemless/transparent way.  

Our network consists of:

5508 Wireless controllers
Cisco PRIME
Cisco ACS for RADIUS.

Ideally we would like to be able to connect the wireless network and have a SSO with our AD credentials be used.  If its a mobile device, than a username/password prompt be offered that is tied into AD.  Hopefull we won't have to install a certificate on every machine but if its possible, it'll be good to know.

Any advice would be appreciated, thanks.
0
Comment
Question by:L8C
1 Comment
 
LVL 46

Accepted Solution

by:
Craig Beck earned 500 total points
ID: 39635808
You'll need to use PEAP-MSChapV2 to authenticate mobile devices if you want to tie it in to AD.  This can be done without device certificates, but it does mean the AD login can be used on ANY device in the world that supports PEAP.

If you've not already purchased ACS I'd strongly suggest going with ISE instead.  That will give you a lot more granularity and control in terms of mobile authentication and network management.

I would deploy certificates to domain-joined devices though.  It's easy to do this with autoenrolment via GPO and will ensure a strong level of security if you decide to offer domain machines more network access than mobile devices, for example.
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

For Sennheiser, comfort, quality and security are high priority areas. This paper addresses the security of Bluetooth technology and the supplementary security that Sennheiser’s Contact Center and Office (CC&O) headsets provide.  
David Varnum recently wrote up his impressions of PRTG, based on a presentation by my colleague Christian at Tech Field Day at VMworld in Barcelona. Thanks David, for your detailed and honest evaluation!
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

749 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question