
ACS CERTIFICATE ISSUE

JAYESH RAMAIYA
Level 1

Hi

We have Cisco APs set up around our building. This is controlled by our WLC. We also have a Cisco ACS server set up. Some of our domain users are able to go to our customers' sites, which are on different domains, and are able to gain access to their own home domains by logging on with laptops. I know the customer's IT department are using RADIUS and Aruba wireless.

I have been asked if we can allow customers to come to our office and allow them to log on to their laptops, connect remotely through our wireless and let them connect to their domain.

I believe this is possible through the ACS server. The ACS server would have the customer domain name configured in user and identity, RADIUS identity servers. The user would log in and authenticate and would be directed through a different VLAN to the customer AD.

I have set up a test WAP on our WLC and logged in with a laptop running Windows 7 that does not belong to our domain. The ACS can see this but will not grant access. I believe that this is a certificate problem.

Are there any settings that I may have missed, or can anyone shed any light or offer advice on this, please?

Thank you

Regards

1 Reply

Tarik Admani
VIP Alumni

Jayesh,

You can use the RADIUS proxy feature in ACS. When the external users connect, you can build a rule such as "username ends with external.com" to use the RADIUS proxy server "A". You will need to build the proxy connection with their RADIUS server.

Thanks,

Tarik Admani
*Please rate helpful posts*
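
Added example, not part of the original reply and not ACS configuration: a Python sketch of the realm-based decision behind a rule like "username ends with external.com", matching on a realm boundary so look-alike domains are not proxied. The routing table, the server labels and the function names are assumptions made for illustration.

```python
# Added illustration: realm-based RADIUS proxy selection.
# Server labels and sample usernames are constructed, not from the thread.
from typing import Optional

# Hypothetical routing table: realm suffix -> label of the external RADIUS server.
PROXY_RULES = {
    "external.com": "radius-proxy-A",
}
LOCAL = "local-identity-store"


def extract_realm(username: str) -> Optional[str]:
    """Return the lower-cased realm of user@realm, or None if absent/malformed."""
    # Windows supplicants may send DOMAIN\user; that form carries no DNS realm.
    if "\\" in username:
        return None
    # Split on the last "@" so "x@external.com@other.org" yields "other.org".
    user, sep, realm = username.rpartition("@")
    if not sep or not user or not realm:
        return None
    realm = realm.strip().lower().rstrip(".")
    # Reject empty labels and characters that do not belong in a DNS name.
    labels = realm.split(".")
    if any(not l or not all(c.isalnum() or c == "-" for c in l) for l in labels):
        return None
    return realm


def select_server(username: str) -> str:
    """Pick the proxy target for a RADIUS User-Name, defaulting to local auth."""
    realm = extract_realm(username)
    if realm is None:
        return LOCAL
    for suffix, server in PROXY_RULES.items():
        # Match the whole realm or a subdomain of it. A bare "ends with"
        # test would also match look-alikes such as "notexternal.com".
        if realm == suffix or realm.endswith("." + suffix):
            return server
    return LOCAL
```
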