Buy or Renew
Buy or Renew
NEW! Stay up-to-date on Cisco Secure Access: Software Release Notes and Announcements
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
429
Views
0
Helpful
4
Replies

Cisco 3850 do1x

Go to solution
haitham.jneid
Level 1
Level 1

‎09-20-2016 04:31 AM - edited ‎03-11-2019 12:05 AM

Hi experts,

is it possible to integrate Cisco 3850 switch with Active Directory so that users can be authenticated via AD before accessing the network.

I am confused between integrating the switch with AD and ACS. I know that ACS will be used for Management access authentication.

Appreciate if someone can clarify this point for me.

thanks,

Haitham Jneid

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
agapitca19
Level 1
Level 1
In response to haitham.jneid

‎09-20-2016 01:22 PM

ACS to be integrated with AD to retrieve user/group database - Yes

dot1x is to be configured between switch and ACS- Yes and in ACS, like I said, that's where you will configure dot1x authentication and authorization policies.

in this case wired users once they plug their laptop on a switch port enabled for dot1x authentication, the switch will contact ACS and ACS has already the database from AD. ACS will check if the user is in the database and allow access or not. Yes based on your dot1x authentication and authorization policies.

***Please rate and mark the comment correct if you find it helpful***

View solution in original post

0 Helpful
4 Replies 4

Go to solution
agapitca19
Level 1
Level 1

‎09-20-2016 05:10 AM

Hi,

ACS integrates with AD not the switch. It is in ACS where you will configure dot1x authentication and authorization policies. You will configure the switch for dot1x to talk to ACS. 

HTH

***Please rate and mark the comment correct if you find it helpful***

0 Helpful

Go to solution
haitham.jneid
Level 1
Level 1
In response to agapitca19

‎09-20-2016 05:43 AM

Hi,

Appreciate your Valuable support,

please just confirm if I understand your answer,

ACS to be integrated with AD to retrieve user/group database

dot1x is to be configured between switch and ACS

in this case wired users once they plug their laptop on a switch port enabled for dot1x authentication, the switch will contact ACS and ACS has already the database from AD. ACS will check if the user is in the database and allow access or not.

thanks,

Haitham Jneid

0 Helpful

Go to solution
agapitca19
Level 1
Level 1
In response to haitham.jneid

‎09-20-2016 01:22 PM

ACS to be integrated with AD to retrieve user/group database - Yes

dot1x is to be configured between switch and ACS- Yes and in ACS, like I said, that's where you will configure dot1x authentication and authorization policies.

in this case wired users once they plug their laptop on a switch port enabled for dot1x authentication, the switch will contact ACS and ACS has already the database from AD. ACS will check if the user is in the database and allow access or not. Yes based on your dot1x authentication and authorization policies.

***Please rate and mark the comment correct if you find it helpful***

0 Helpful

Go to solution
haitham.jneid
Level 1
Level 1
In response to agapitca19

‎09-21-2016 02:51 AM

Hi,

so it is not possible to integrate 3850 directly with AD, it should be through ACS right?.

thank you.

Haitham

0 Helpful
Customers Also Viewed These Support Documents