ACS 5.3 for Network Access Control

mnasseronseu
Level 1

Hi Everyone,

We recently deployed ACS 5.3 on a VM. While the main purpose of the implementation was to control access (authentication/authorization) on network devices, can we use the same user to authenticate users' access to our wired network? So only users with valid credentials on our Windows AD can have access to the network? If not, what component are we missing to implement this feature?

1 Reply

Amjad Abdullah
VIP Alumni

Salam Mohammed,

Yes. You can use the ACS to authenticate wired users using 802.1x (port-based authentication) IF your AAA device (the switch) supports such configuration.

You need to know that for admin control access you use TACACS+ protocol. With network access (wired or wireless) you need to use RADIUS protocol.

What you need to do is:

- Configure the switch to use the ACS as a RADIUS server.

- Configure the switch ports to which clients will connect to use 802.1x. Let the 802.1x auth go to the RADIUS server configured in the previous step.

- Add the switches to the ACS as AAA devices.

- Configure the ACS correctly (policies, AD integration, EAP types, etc.) so that it responds to the switch when it asks it whether users' credentials are valid or not. Note that you need to configure the RADIUS part.

HTH

Amjad

Rating useful replies is more useful than saying "Thank you"
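
The switch-side steps from the reply above, as an added example that is not part of the original thread: a Cisco IOS configuration sketch that keeps device administration on TACACS+ and sends 802.1x port authentication to the ACS over RADIUS. The address 192.0.2.10, the shared-secret placeholders and the interface name are assumptions, and exact syntax varies by platform and IOS release.

```cisco
! Constructed example. 192.0.2.10 stands in for the ACS address and the
! <...-shared-secret> values for the keys set on the ACS network device entry.
aaa new-model
!
! Device administration (who may log in to the switch) stays on TACACS+.
! The "local" fallback keeps the switch reachable if the ACS is down.
tacacs-server host 192.0.2.10 key <tacacs-shared-secret>
aaa authentication login default group tacacs+ local
aaa authorization exec default group tacacs+ local
!
! Network access (who may use a switch port) goes to the same ACS over RADIUS.
radius-server host 192.0.2.10 auth-port 1812 acct-port 1813 key <radius-shared-secret>
aaa authentication dot1x default group radius
aaa authorization network default group radius
aaa accounting dot1x default start-stop group radius
!
! Turn 802.1x on globally; without this the per-port settings have no effect.
dot1x system-auth-control
!
! Access port facing an end user (interface name is an assumption).
interface GigabitEthernet0/1
 description User access port (example)
 switchport mode access
 ! The port stays unauthorized until the ACS returns an Access-Accept.
 authentication port-control auto
 dot1x pae authenticator
 spanning-tree portfast
```

Older IOS releases use `dot1x port-control auto` on the interface instead of `authentication port-control auto`. The ACS side (network device entry with the matching RADIUS secret, AD identity store, access policy and allowed EAP types) still has to be configured as the reply describes.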