ā03-14-2014 12:59 PM - edited ā03-10-2019 09:32 PM
Hi
We need to use the same user IDs for both 802.1X and VPN access:
802.1X authentication request from local switch will use AD
VPN authentication request from VPN device will use RSA
I am OK with NDG to determine what device request comes from. What I have not worked out is how the same user ID user can be tied to different authentication depending on NDG.
An example configuration would be ideal
Thanks
Peter
Solved! Go to Solution.
ā03-15-2014 04:51 PM
You need to create 2 device type one for switches and other for firewalls.
Under default network access > identity > click on "rule based result selection" > create 2 rules
1. for dot1x > select the device type and identity source.
2. for vpn > select the device type and identity source.
Note: The user should be there in both the database.
Regards,
Jatin Katyal
**Do rate useful posts**
ā03-15-2014 04:51 PM
You need to create 2 device type one for switches and other for firewalls.
Under default network access > identity > click on "rule based result selection" > create 2 rules
1. for dot1x > select the device type and identity source.
2. for vpn > select the device type and identity source.
Note: The user should be there in both the database.
Regards,
Jatin Katyal
**Do rate useful posts**
ā03-16-2014 02:44 AM
Hi Peter,
I think Jatin answered your question. There must be two different device types and you choose different identity source for each device type.
Please mark the question as "answered" if that answered your question.
Regards,
Amjad
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide