Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
480
Views
0
Helpful
1
Replies

Assigning a VLAN to an AD authenticated 802.1x user/computer

swharvey
Level 3
Level 3

‎08-21-2006 06:07 PM - edited ‎03-10-2019 02:43 PM

How do I configure our ACS 4.0 server (and 2950 switch) to assign an 802.1x authenticated user to a specific vlan based on the AD group that the user is a member of in the Windows Domain?

Example, Joe.Schmoe is an AD member of the group 'Sales' which is defined as well in the ACS under External user DB, DB Group Mappings, Windows DB, Domain Configs, NT Groups. How can I configure the ACS to assign Joe's 802.1x authenticated switchport to be assigned to a specific vlan?

Labels:
0 Helpful
1 Reply 1

etamminga
Spotlight
Spotlight

‎08-21-2006 09:57 PM

Hi,

One of the ways this can be done is by utilizing the Network Access Profiles features.

Have a look at http://www.cisco.com/en/US/products/sw/secursw/ps2086/products_user_guide_chapter09186a008052e984.html for more details on how to configure one. VLAN Assignment is done in the authorization section. Remember you need to configure the 2950 to do authorization as well for the VLAN assignment to work!

Although this document describes NAC as well, the NAC bits are optional!

Regards,

Erik

0 Helpful
Customers Also Viewed These Support Documents