cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
Announcements
Choose one of the topics below to view our ISE Resources to help you on your journey with ISE

This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.

614
Views
0
Helpful
2
Replies
Highlighted
Cisco Employee

EAP-MSCHAPv2 support with AD using LDAP broker

Hi,

As per the below document (Page 12)

https://www.cisco.com/c/en/us/td/docs/security/ise/2-2/admin_guide/b_ise_admin_guide_22/b_ise_admin_guide_22_chapter_011…

EAP-MSCHAPv2 is supported with AD and not with LDAP.

However I have a customer, who are evaluating to do ISE and AD integration through a LDAP directory broker service (i.e. add AD as an LDAP Server) instead of the 'native join', which is the more common way to do it.

In the above case, does the supported authentication table is still applicable ? i.e. EAP-MSCHAPv2 is not going to be supported even though the back-end is still AD and only the join method has changed.

Thanks,

Naman

1 ACCEPTED SOLUTION

Accepted Solutions
Highlighted
Cisco Employee

Re: EAP-MSCHAPv2 support with AD using LDAP broker

Yes, the support table is applicable to any ID store configured as a LDAP ID source in ISE.

View solution in original post

2 REPLIES 2
Highlighted
Cisco Employee

Re: EAP-MSCHAPv2 support with AD using LDAP broker

Highlighted
Cisco Employee

Re: EAP-MSCHAPv2 support with AD using LDAP broker

Yes, the support table is applicable to any ID store configured as a LDAP ID source in ISE.

View solution in original post