topic yes that's right instead of in Wireless https://community.cisco.com/t5/wireless/security-issue-with-wlc-5520-and-ad/m-p/3055408#M113265 yes that's right instead of using user created on ISE , I use those who are in my AD Wed, 24 May 2017 23:22:21 GMT mdjan 2017-05-24T23:22:21Z Security issue with WLC 5520 and AD https://community.cisco.com/t5/wireless/security-issue-with-wlc-5520-and-ad/m-p/3055403#M113260 <P>Hello guys,</P> <P>To facilitate all the employees to log on the company wireless, I enable 802.1x authentication to enable all persons which are in the Active directory to access wlan without additional authentication. Employee use their same credential to log on the domain to log on the WLAN. By doing this all the users are able to log on the WLC management interface.</P> <P>How can I solve this issue because it cause a very big security issue?</P> Mon, 05 Jul 2021 14:06:13 GMT https://community.cisco.com/t5/wireless/security-issue-with-wlc-5520-and-ad/m-p/3055403#M113260 mdjan 2021-07-05T14:06:13Z TACACS?  https://community.cisco.com/t5/wireless/security-issue-with-wlc-5520-and-ad/m-p/3055404#M113261 <P>TACACS?&nbsp;</P> <P>Internal User Database on ISE?</P> <P>ACL?</P> <P>These are all options.&nbsp;</P> <P>There are lots of ways.&nbsp; I am not really clear on your configuration, but something is amiss.</P> Wed, 24 May 2017 21:16:25 GMT https://community.cisco.com/t5/wireless/security-issue-with-wlc-5520-and-ad/m-p/3055404#M113261 jonathan.cuthbert 2017-05-24T21:16:25Z I use Active directory user https://community.cisco.com/t5/wireless/security-issue-with-wlc-5520-and-ad/m-p/3055405#M113262 <P>I use Active directory user with ISE and ACL.</P> <P>I based my configuration on this file</P> Wed, 24 May 2017 21:23:46 GMT https://community.cisco.com/t5/wireless/security-issue-with-wlc-5520-and-ad/m-p/3055405#M113262 mdjan 2017-05-24T21:23:46Z Apologies that I did not https://community.cisco.com/t5/wireless/security-issue-with-wlc-5520-and-ad/m-p/3055406#M113263 <P>Apologies that I did not download your PDF.&nbsp; Perhaps you were referring to this blog post:</P> <P></P> <P>https://mrncciew.com/2014/05/11/wlc-access-via-radius-ise/</P> <P></P> <P></P> Wed, 24 May 2017 21:54:53 GMT https://community.cisco.com/t5/wireless/security-issue-with-wlc-5520-and-ad/m-p/3055406#M113263 jonathan.cuthbert 2017-05-24T21:54:53Z yes that's right https://community.cisco.com/t5/wireless/security-issue-with-wlc-5520-and-ad/m-p/3055407#M113264 <P>yes that's right</P> Wed, 24 May 2017 23:19:35 GMT https://community.cisco.com/t5/wireless/security-issue-with-wlc-5520-and-ad/m-p/3055407#M113264 mdjan 2017-05-24T23:19:35Z yes that's right instead of https://community.cisco.com/t5/wireless/security-issue-with-wlc-5520-and-ad/m-p/3055408#M113265 yes that's right instead of using user created on ISE , I use those who are in my AD Wed, 24 May 2017 23:22:21 GMT https://community.cisco.com/t5/wireless/security-issue-with-wlc-5520-and-ad/m-p/3055408#M113265 mdjan 2017-05-24T23:22:21Z