We need to use the same user IDs for both 802.1X and VPN access:
802.1X authentication request from local switch will use AD
VPN authentication request from VPN device will use RSA
I am OK with NDG to determine what device request comes from. What I have not worked out is how the same user ID user can be tied to different authentication depending on NDG.
An example configuration would be ideal
Go to Solution.
You need to create 2 device type one for switches and other for firewalls.
Under default network access > identity > click on "rule based result selection" > create 2 rules
1. for dot1x > select the device type and identity source.
2. for vpn > select the device type and identity source.
Note: The user should be there in both the database.
**Do rate useful posts**
View solution in original post
I think Jatin answered your question. There must be two different device types and you choose different identity source for each device type.
Please mark the question as "answered" if that answered your question.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: