cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
866
Views
0
Helpful
3
Replies

ACS 5.x + Single Sign on + Wired DOT1X.

minkumar
Level 1
Level 1

Dear Team,

 

   My customer wants to use Single Sign on for wired and wireless DOT1X clients using ACS 5.6. Is there any way we could do that?

 

AD in integrated with ACS and cu wants to access multiple application using same windows credentials. Let me know if its doable.

 

Minakshi

3 Replies 3

nspasov
Cisco Employee
Cisco Employee

Hello Minakshi. Can you give us more details around the requirements and the solution used for the single sign on?

 

Setup is as follows:

 

 

Wired Dot1x(eaptls)

--User(Windows)-----> Switch(Cisco)-----ACS(5.6)-------AD

 

 

There are multiple inhouse application for the Company. They wanted all the internal employees to access the inhouse internet and intranet multiple portals

 

I just want to know how this can be done or taken care. If there is anything else, you are looking for , Please let me know.

Well with Windows you can use both PEAP machine or user based authentication. You can configure the Windows supplicant to automatically provide the machine or user credentials to the ACS server without requiring the user to input any information. 

It appears that you in your environment you are using EAP-TLS and digital certificates. If that is the case then the same as above would apply. You can configure the Windows supplicant via GPO to automatically perform machine or user (based on the type of certificate that you are issuing) based authentication. This type of configuration would also prevent the user from having to input any credentials. 

I hope this helps!

 

Thank you for rating helpful posts!