https://community.cisco.com/t5/wireless/how-to-use-multiple-ssid-with-acs-and-ad-authentication/m-p/1681804#M69334 <HTML><HEAD></HEAD><BODY><P>Hi Patrick,</P><P></P><P>please clarify what you want to achieve.</P><P>I understand that you currently have:</P><P>- "employee" SSID, with (EAP?) authentication using AD as the Identity store; can you confirm that you do EAP/RADIUS auth for this SSID? What RADIUS server do you use here?</P><P>- "guest" SSID, with Web-Auth using Cisco NAC Guest server.</P><P></P><P>You need to add a "showroom/test" SSID, using the same AD DB as for the employee SSID.</P><P>What is the security config you would use in this case?</P><P>802.1x/EAP, or Web-Auth?</P><P></P><P>For 802.1x/EAP, it's not a problem to point this new SSID to the same RADIUS server.</P><P>For Web-Auth, you can consider using either RADIUS again (PAP auth, not EAP) or configuring the WLC to poll the AD using LDAP:</P><P><A class="jive-link-external-small" href="http://www.cisco.com/en/US/products/ps6366/products_configuration_example09186a0080a03e09.shtml">http://www.cisco.com/en/US/products/ps6366/products_configuration_example09186a0080a03e09.shtml</A></P><P></P><P>I hope this helps.</P><P></P><P>Regards,</P><P>Federico</P><P></P><P>--</P><P>If this answers your question please mark the question as "answered" and rate it, so other users can easily find it.</P></BODY></HTML> Sat, 11 Jun 2011 11:48:12 GMT Federico Lovison 2011-06-11T11:48:12Z https://community.cisco.com/t5/wireless/how-to-use-multiple-ssid-with-acs-and-ad-authentication/m-p/1681803#M69333 <P>I'm looking to deploy a showroom/test SSID using the WLCs, light weight APs and ACS, I'd like to use AD authentication as we currently do for our standard employee SSID. We also have Guest NAC for the guest SSID but I don't think this is an option as I don't want guests to use the </P><P>showroom/test SSID.</P><P></P><P>Thanks</P> Sun, 04 Jul 2021 03:17:28 GMT https://community.cisco.com/t5/wireless/how-to-use-multiple-ssid-with-acs-and-ad-authentication/m-p/1681803#M69333 patrickdonlon 2021-07-04T03:17:28Z https://community.cisco.com/t5/wireless/how-to-use-multiple-ssid-with-acs-and-ad-authentication/m-p/1681804#M69334 <HTML><HEAD></HEAD><BODY><P>Hi Patrick,</P><P></P><P>please clarify what you want to achieve.</P><P>I understand that you currently have:</P><P>- "employee" SSID, with (EAP?) authentication using AD as the Identity store; can you confirm that you do EAP/RADIUS auth for this SSID? What RADIUS server do you use here?</P><P>- "guest" SSID, with Web-Auth using Cisco NAC Guest server.</P><P></P><P>You need to add a "showroom/test" SSID, using the same AD DB as for the employee SSID.</P><P>What is the security config you would use in this case?</P><P>802.1x/EAP, or Web-Auth?</P><P></P><P>For 802.1x/EAP, it's not a problem to point this new SSID to the same RADIUS server.</P><P>For Web-Auth, you can consider using either RADIUS again (PAP auth, not EAP) or configuring the WLC to poll the AD using LDAP:</P><P><A class="jive-link-external-small" href="http://www.cisco.com/en/US/products/ps6366/products_configuration_example09186a0080a03e09.shtml">http://www.cisco.com/en/US/products/ps6366/products_configuration_example09186a0080a03e09.shtml</A></P><P></P><P>I hope this helps.</P><P></P><P>Regards,</P><P>Federico</P><P></P><P>--</P><P>If this answers your question please mark the question as "answered" and rate it, so other users can easily find it.</P></BODY></HTML> Sat, 11 Jun 2011 11:48:12 GMT https://community.cisco.com/t5/wireless/how-to-use-multiple-ssid-with-acs-and-ad-authentication/m-p/1681804#M69334 Federico Lovison 2011-06-11T11:48:12Z